| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: HitmanPro Alert gibt Warnung aus - Browser kompromittiert?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
01.11.2014, 16:06
| #1 |
 |  HitmanPro Alert gibt Warnung aus - Browser kompromittiert? Hallo, ich habe vor gut einer Woche HitmanProAlert auf meinem Rechner istalliert und heute gibt das Programm bei meinm Firefox folgende Meldung aus: "Anwendung Firefox (firefox.exe, 6252) Kritische Browserfunktionen wurden von einer vermutlich schadhaften Software kompromittiert. Geben Sie keinerlei persönliche Daten auf Webseiten ein. Auch Online-Banking ist unsicher"; der Computer solle überprüft werden“. Bei Chrome/IE habe ich diese Meldung nicht. Ich muss gestehen, ich kann mir diese Meldung nicht erklären, weil vorhin noch alles in Ordnung war, bevor ich Einkaufen gegangen bin und nachdem ich wieder zu Hause war, diese Meldung ausgegeben wurde; ich habe heute morgen lediglich die üblichen Tageszeitungen gelesen (Spiegel-Online & Co.) sowie ein paar Computerseiten (Prad, Computerbase). Ich kann mir nicht vorstellen, dass ich mir dort etwas eingefangen haben sollte. Dennoch habe ich die Sache natürlich ernst genommen und das System mit folgenden Programmen gescannt, ohne Fund (bis auf Kleinigkeiten ohne großes Schadpotential: Bidefender Antivirus, Housecall, Malwarebytes, HitmanPro, Spybot und BootkitRemoval. Jetzt stellt sich für mich die Frage, handelt es sich um eine Falschmeldung oder ist doch irgend etwas in meinem System unsauber. FRST-Log: Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-11-2014
Ran by Admin (administrator) on MOONCHILD-PC on 01-11-2014 15:02:55
Running from K:\COMPUTER\Neuinstall Windows 7\Die wichtigsten Programme\Sicherheit\Sicherheitstools\Antivirenaktion
Loaded Profiles: Moonchild & Admin & Administrator (Available profiles: Moonchild & Admin & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozy, Inc.) K:\Windows_SSD\MOZY\mozybackup.exe
(Mozy, Inc.) K:\Windows_SSD\MOZY\mozybackup.exe
(Mozy, Inc.) K:\Windows_SSD\MOZY\mozybackup.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
() C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Comfort Software Group) C:\Program Files (x86)\HotAlarmClock\HotAlarmClock.exe
(Mozy, Inc.) C:\Program Files\Mozy Sync\mozysync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Portrait Displays\DisplayView Click\dthtml.exe
(Microsoft Corporation) C:\Program Files (x86)\EMET 4.1\EMET_Agent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\seccenter.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Mozy, Inc.) K:\Windows_SSD\MOZY\mozybackup.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files (x86)\EMET 4.1\EMET_Agent.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\seccenter.exe
() K:\COMPUTER\Neuinstall Windows 7\Die wichtigsten Programme\Sicherheit\Sicherheitstools\Antivirenaktion\Gmer-19357.exe
(Google Inc.) C:\Users\Moonchild\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Moonchild\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Moonchild\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Moonchild\AppData\Local\Google\Chrome\Application\chrome.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe
(Google Inc.) C:\Users\Moonchild\AppData\Local\Google\Chrome\Application\chrome.exe
(Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
(Google Inc.) C:\Users\Moonchild\AppData\Local\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe [1575192 2013-10-24] (Bitdefender)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [DT FUS] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [123248 2012-09-26] (Portrait Displays, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-09-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2109952 2014-10-07] (Dominik Reichl)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [EMET 4.1 Agent] => C:\Program Files (x86)\EMET 4.1\EMET_agent.exe [78992 2013-11-21] (Microsoft Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Display] => C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [284024 2012-01-24] (Schneider Electric)
HKLM-x32\...\Run: [Trend Micro RUBotted V2.0 Beta] => C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe [1102872 2013-07-25] (Trend Micro Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-365492360-3355046920-2098280994-1000\...\Run: [Allway Sync] => C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe [94416 2013-02-05] ()
HKU\S-1-5-21-365492360-3355046920-2098280994-1000\...\Run: [Google Update] => C:\Users\Moonchild\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-23] (Google Inc.)
HKU\S-1-5-21-365492360-3355046920-2098280994-1000\...\Run: [HotAlarmClock] => C:\Program Files (x86)\HotAlarmClock\HotAlarmClock.exe [22725400 2014-05-16] (Comfort Software Group)
HKU\S-1-5-21-365492360-3355046920-2098280994-1000\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-21-365492360-3355046920-2098280994-1000\...\MountPoints2: {05dabfe1-3f6e-11e1-a3c3-806e6f6e6963} - L:\Run.exe
HKU\S-1-5-21-365492360-3355046920-2098280994-1000\...\MountPoints2: {e091f18d-04da-11e4-b8b1-001a7dda710b} - H:\pushinst.exe
HKU\S-1-5-21-365492360-3355046920-2098280994-1007\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [1553688 2014-02-20] (Comfort Software Group)
HKU\S-1-5-21-365492360-3355046920-2098280994-500\...\Run: [Allway Sync] => C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe [94416 2013-02-05] ()
HKU\S-1-5-21-365492360-3355046920-2098280994-500\...\Run: [Klebezettel NG] => C:\Program Files (x86)\Klebezettel NG\klebez.exe [4433408 2012-04-06] (Hollie-Soft)
HKU\S-1-5-21-365492360-3355046920-2098280994-500\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2014-01-17] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-365492360-3355046920-2098280994-500\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-365492360-3355046920-2098280994-500\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-21-365492360-3355046920-2098280994-500\...\MountPoints2: {05dabfe1-3f6e-11e1-a3c3-806e6f6e6963} - L:\Run.exe
HKU\S-1-5-21-365492360-3355046920-2098280994-500\...\MountPoints2: {73d1f0d9-fbbf-11e2-95bb-806e6f6e6963} - L:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk
ShortcutTarget: APC UPS Status.lnk -> C:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe (Schneider Electric)
Startup: C:\Users\Moonchild\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozy Sync.lnk
ShortcutTarget: Mozy Sync.lnk -> C:\Program Files\Mozy Sync\mozysync.exe (Mozy, Inc.)
SSODL: EldosMountNotificator-cbfs4 - {F9FF334C-5B00-4CBA-8B28-A3D6A9A46476} - C:\Windows\system32\cbfsMntNtf4.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - No File
SSODL-x32: EldosMountNotificator-cbfs4 - {F9FF334C-5B00-4CBA-8B28-A3D6A9A46476} - C:\Windows\SysWOW64\cbfsMntNtf4.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [ mozysyncNotUploaded] -> {34DF8AC2-A6BB-4855-B45A-CC1B4D9183E3} => C:\Program Files\Mozy Sync\mozysyncshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: [ mozysyncPendingChanges] -> {6673BC77-4A7B-4299-A130-14312E6B203A} => C:\Program Files\Mozy Sync\mozysyncshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: [ mozysyncUpToDate] -> {04547006-32F5-4635-844B-B8D7FCE47692} => C:\Program Files\Mozy Sync\mozysyncshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs4] -> {D12E2777-CA9C-4EBD-AA9B-A8660DEF371F} => C:\Windows\system32\cbfsMntNtf4.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [mozy] -> {b32a6748-f273-4546-b60a-3c5adc239de5} => K:\Windows_SSD\MOZY\mozyshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: [mozy2] -> {747E722C-CB46-4a9d-BDFE-192AAD5099B1} => K:\Windows_SSD\MOZY\mozyshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: [mozy3] -> {EE6F5A00-7898-40f7-AB77-51FF9D6DEB20} => K:\Windows_SSD\MOZY\mozyshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs4] -> {D12E2777-CA9C-4EBD-AA9B-A8660DEF371F} => C:\Windows\SysWOW64\cbfsMntNtf4.dll (EldoS Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: FlashCatchBHO Class -> {88618A96-6D8A-42E7-B932-9073D5B2080F} -> C:\Program Files (x86)\FlashCatch\flashcatch.dll (Level 9 Technology, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - FlashCatch - {10CECF4F-A96E-4803-8AC2-F565FB29FF47} - C:\Program Files (x86)\FlashCatch\flashcatch.dll (Level 9 Technology, Inc.)
DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A25C9FE1-77F9-4C49-B32A-8665F4273309}: [NameServer] 192.168.178.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> K:\Windows_SSD\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-09-25]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-09-25]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013-03-07]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-10-27]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext
Chrome:
=======
CHR StartMenuInternet: Google Chrome - C:\Users\Moonchild\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4163584 2014-02-24] (Emsisoft GmbH)
R2 APC Data Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (Schneider Electric)
R2 APC UPS Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (Schneider Electric)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [69392 2013-10-24] (Bitdefender)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3611128 2014-02-11] (devolo AG)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [139632 2012-09-26] (Portrait Displays, Inc.)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-11-01] (SurfRight B.V.)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1876816 2014-10-27] (SurfRight B.V.)
R2 mozybackup; K:\Windows_SSD\MOZY\mozybackup.exe [54040 2011-09-29] (Mozy, Inc.)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-07-23] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RUBotSrv; C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe [443416 2013-07-25] (Trend Micro Inc.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [187592 2014-01-17] (Sandboxie Holdings, LLC)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [67320 2013-10-24] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1645256 2013-10-24] (Bitdefender)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-04-20] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2014-02-24] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2014-02-24] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [17384 2014-02-24] (Emsisoft GmbH)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2013-10-24] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2013-10-24] (BitDefender)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2012-04-25] (AVM Berlin)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-04-30] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-10-24] (BitDefender SRL)
R1 cbfs4; C:\Windows\system32\drivers\cbfs4.sys [385728 2013-03-01] (EldoS Corporation)
S3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2014-02-24] (Emsisoft GmbH)
R3 fwlanusb5; C:\Windows\System32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH)
R3 GEARAspiWDM; C:\Windows\SysWOW64\DRIVERS\GEARAspiWDM.sys [15664 2011-07-15] (GEAR Software Inc.)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-24] (BitDefender LLC)
R2 hmpalert; C:\Windows\System32\drivers\hmpalert.sys [93144 2014-10-27] ()
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [9000256 2012-08-24] (Intel Corporation) [File not signed]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [342528 2012-06-19] (Intel(R) Corporation) [File not signed]
R1 mozyFilter; C:\Windows\System32\DRIVERS\mozy.sys [67808 2013-05-02] (Mozy, Inc.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-10-25] (Realtek Semiconductor Corporation )
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202600 2014-01-17] (Sandboxie Holdings, LLC)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-10-24] (BitDefender S.R.L.)
S3 7ByteIo; \??\c:\program files (x86)\hot cpu tester pro 4\SysInfoX64.sys [X]
S3 cpuz135; \??\K:\WINDOW~1\Temp\cpuz135\cpuz135_x64.sys [X]
S3 DUMeterDrv; \??\C:\Program Files (x86)\DU Meter\DUMETR64.SYS [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 GPU-Z; \??\C:\Users\Admin\AppData\Local\Temp\GPU-Z.sys [X]
U3 pwliquob; \??\C:\Users\Admin\AppData\Local\Temp\pwliquob.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-01 14:50 - 2014-11-01 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-11-01 14:50 - 2014-11-01 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro RUBotted
2014-11-01 14:50 - 2014-11-01 14:50 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-11-01 14:50 - 2014-11-01 14:50 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-10-27 23:06 - 2014-10-27 23:06 - 00000000 ____D () C:\Users\Moonchild\AppData\Local\Downloaded Installations
2014-10-27 17:18 - 2014-10-27 17:18 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Macromedia
2014-10-27 16:55 - 2014-10-27 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-10-27 16:53 - 2014-10-27 16:53 - 00000000 ____D () C:\Users\Admin\AppData\Local\Logishrd
2014-10-27 16:53 - 2014-10-27 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-10-27 16:52 - 2014-10-27 16:52 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Logishrd
2014-10-27 16:50 - 2014-10-27 16:50 - 00000000 _____ () C:\Users\Admin\Desktop\Sicherungskopie von Malwarebytes Einstellungen.wbk
2014-10-27 10:40 - 2014-11-01 14:02 - 00000000 ____D () C:\Windows\CryptoGuard
2014-10-27 10:40 - 2014-10-27 16:31 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-10-27 10:40 - 2014-10-27 10:57 - 00548424 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-10-27 10:40 - 2014-10-27 10:57 - 00477008 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-10-27 10:40 - 2014-10-27 10:57 - 00093144 _____ () C:\Windows\system32\Drivers\hmpalert.sys
2014-10-27 10:40 - 2014-10-27 10:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro.Alert
2014-10-27 10:40 - 2014-10-27 10:40 - 00000000 ____D () C:\ProgramData\HitmanPro.Alert
2014-10-27 08:43 - 2014-10-27 08:43 - 00002230 _____ () C:\Users\Admin\Desktop\HitmanPro_20141027_0843.log
2014-10-26 23:54 - 2014-10-27 09:28 - 00002029 _____ () C:\Users\Admin\Desktop\Entfernen des Avira EU-Cleaners.lnk
2014-10-26 23:54 - 2014-10-27 09:28 - 00001973 _____ () C:\Users\Admin\Desktop\Avira EU-Cleaner.lnk
2014-10-25 16:28 - 2014-10-25 16:28 - 00001067 _____ () C:\Users\Admin\Desktop\Hot Alarm Clock.lnk
2014-10-25 16:28 - 2014-10-25 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hot Alarm Clock
2014-10-25 16:27 - 2014-10-25 16:28 - 00000000 ____D () C:\Program Files (x86)\HotAlarmClock
2014-10-25 08:30 - 2014-10-25 08:30 - 00001043 _____ () C:\Users\Admin\Desktop\MonitorTest.lnk
2014-10-25 08:30 - 2014-10-25 08:30 - 00000000 ____D () C:\ProgramData\PassMark
2014-10-25 08:30 - 2014-10-25 08:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MonitorTest
2014-10-25 08:30 - 2014-10-25 08:30 - 00000000 ____D () C:\Program Files (x86)\MonitorTest
2014-10-20 08:01 - 2014-10-20 08:01 - 00001079 _____ () C:\Users\Admin\Desktop\Free Alarm Clock.lnk
2014-10-20 08:01 - 2014-10-20 08:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock
2014-10-20 08:01 - 2014-10-20 08:01 - 00000000 ____D () C:\Program Files (x86)\FreeAlarmClock
2014-10-19 12:06 - 2014-10-19 12:06 - 00004957 _____ () C:\Users\Moonchild\AppData\Local\recently-used.xbel
2014-10-18 23:52 - 2014-10-18 23:52 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-10-18 23:51 - 2014-05-14 17:37 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-10-18 23:51 - 2014-05-14 15:00 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-10-18 23:51 - 2014-05-12 19:11 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-10-18 23:51 - 2014-05-09 10:17 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-10-18 23:51 - 2014-04-30 10:34 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-10-18 23:51 - 2014-04-28 14:48 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2014-10-18 23:51 - 2014-04-25 12:51 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-10-18 23:51 - 2014-04-25 12:23 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-10-18 23:51 - 2014-04-10 11:20 - 01934424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-10-18 23:51 - 2014-04-10 11:19 - 14863448 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-10-18 23:51 - 2014-04-10 11:19 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-10-18 23:51 - 2014-04-10 11:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-10-18 23:51 - 2014-04-10 11:19 - 01063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-10-18 23:51 - 2014-04-07 15:03 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-10-18 23:51 - 2014-04-07 15:03 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-10-18 23:51 - 2014-04-07 15:03 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-10-18 23:51 - 2014-04-07 15:03 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-10-18 23:51 - 2014-03-06 15:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-10-18 23:51 - 2014-02-18 16:04 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-10-18 23:51 - 2014-02-06 10:28 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-10-18 23:51 - 2014-01-28 10:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-10-18 23:51 - 2013-10-16 02:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-10-18 23:51 - 2013-10-11 11:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-10-18 23:51 - 2013-10-11 10:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-10-18 23:51 - 2013-08-14 14:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-10-18 23:51 - 2013-08-14 14:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-10-18 23:51 - 2012-11-14 10:41 - 00378000 _____ (Realtek Semiconductor) C:\Windows\system32\RtkGuiCompLib.dll
2014-10-18 23:51 - 2012-08-31 18:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-10-18 23:51 - 2012-08-31 18:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-10-18 23:51 - 2012-08-31 18:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-10-18 23:51 - 2012-08-31 18:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-10-18 23:51 - 2012-08-31 18:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-10-18 23:51 - 2012-03-08 10:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-10-18 23:51 - 2011-12-20 14:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-10-18 23:51 - 2011-11-22 15:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-10-18 23:51 - 2011-09-02 13:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-10-18 23:51 - 2011-09-02 13:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-10-18 23:51 - 2011-09-02 13:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-10-18 23:51 - 2010-11-08 06:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-10-18 23:51 - 2010-11-08 06:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-10-18 23:51 - 2010-11-08 06:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-10-18 23:51 - 2010-11-08 06:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-10-18 23:51 - 2010-11-08 06:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-10-18 23:51 - 2010-11-08 06:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-10-18 23:51 - 2010-11-03 17:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-10-18 23:51 - 2010-09-27 08:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-10-18 23:51 - 2010-07-22 15:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-10-18 23:51 - 2009-11-24 08:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-10-18 23:51 - 2009-11-24 08:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-10-18 23:51 - 2009-11-24 08:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-10-18 23:51 - 2009-11-24 08:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-10-17 09:10 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-17 09:10 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-17 09:10 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-17 09:10 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-17 09:10 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-17 09:10 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-17 09:10 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-17 09:10 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-17 09:10 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-17 09:10 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-17 09:10 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-17 09:10 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-17 09:10 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-17 09:10 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-17 09:10 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-17 09:10 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-17 09:10 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-17 09:10 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-17 09:10 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-17 09:10 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-17 09:10 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-17 09:10 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-17 09:10 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-17 09:10 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-17 09:10 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-17 09:10 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-17 09:10 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-17 09:10 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-17 09:10 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-17 09:10 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-17 09:10 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-17 09:10 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-17 09:10 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-17 09:10 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-17 09:10 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-17 09:10 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-17 09:10 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-17 09:10 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-17 09:10 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-17 09:10 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-17 09:10 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-17 09:10 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-17 09:10 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-17 09:10 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-17 09:10 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-17 09:10 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-17 09:10 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-17 09:10 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-17 09:10 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-17 09:10 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-17 09:10 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-17 09:10 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-17 09:10 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-17 09:10 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-17 09:10 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-17 09:10 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-17 09:09 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-17 09:09 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-17 09:09 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-17 09:09 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-17 09:09 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-17 09:09 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-17 09:09 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-17 09:09 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-17 09:09 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-17 09:09 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-17 09:09 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-17 09:09 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-17 09:09 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-17 09:09 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-17 09:09 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-17 09:09 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-17 09:09 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-17 09:09 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-17 09:09 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-17 09:09 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-17 09:09 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-17 09:09 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-17 09:09 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-17 09:09 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-17 09:09 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-17 09:09 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-17 09:09 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 11:48 - 2014-10-16 11:48 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2014-10-08 09:18 - 2014-10-08 09:20 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-10-08 09:18 - 2014-10-08 09:18 - 00001007 _____ () C:\Users\Moonchild\Desktop\SpeedFan.lnk
2014-10-08 09:18 - 2014-10-08 09:18 - 00001007 _____ () C:\Users\Administrator\Desktop\SpeedFan.lnk
2014-10-08 09:18 - 2014-10-08 09:18 - 00001007 _____ () C:\Users\Admin\Desktop\SpeedFan.lnk
2014-10-08 09:18 - 2014-10-08 09:18 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2014-10-08 09:18 - 2014-10-08 09:18 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-10-08 09:18 - 2014-10-08 09:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-10-03 18:16 - 2014-10-03 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\APC
2014-10-03 18:16 - 2014-10-03 18:16 - 00000000 ____D () C:\Program Files (x86)\APC
2014-10-03 17:07 - 2014-10-03 18:15 - 13923704 _____ (Schneider Electric) C:\Users\Admin\PCPE Setup.exe
2014-10-03 17:07 - 2014-10-03 18:15 - 13338112 _____ () C:\Users\Admin\PCPE_3.0.1.msi
2014-10-03 17:07 - 2014-10-03 18:15 - 01079808 _____ (Microsoft Corporation) C:\Users\Admin\mfc80u.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00626688 _____ (Microsoft Corporation) C:\Users\Admin\msvcr80.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00021880 _____ (Schneider Electric) C:\Users\Admin\grm_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00021880 _____ (Schneider Electric) C:\Users\Admin\fr_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00021368 _____ (Schneider Electric) C:\Users\Admin\pt_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00021368 _____ (Schneider Electric) C:\Users\Admin\it_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00021368 _____ (Schneider Electric) C:\Users\Admin\es_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00021368 _____ (Schneider Electric) C:\Users\Admin\en_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00020856 _____ (Schneider Electric) C:\Users\Admin\ru_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00020344 _____ (Schneider Electric) C:\Users\Admin\jp_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00019832 _____ (Schneider Electric) C:\Users\Admin\zh_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00018808 _____ () C:\Users\Admin\ResourceReader.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00000550 _____ () C:\Users\Admin\Microsoft.VC80.MFC.manifest
2014-10-03 17:07 - 2014-10-03 18:15 - 00000522 _____ () C:\Users\Admin\Microsoft.VC80.CRT.manifest
2014-10-03 17:07 - 2014-10-03 18:15 - 00000014 _____ () C:\Users\Admin\dotnetfolder.txt
2014-10-02 09:20 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-02 09:20 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-02 09:20 - 2014-09-09 23:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-10-02 09:20 - 2014-09-09 22:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-01 15:02 - 2014-04-21 13:19 - 00000000 ____D () C:\FRST
2014-11-01 14:58 - 2012-01-24 19:08 - 00766051 _____ () C:\Windows\setupact.log
2014-11-01 14:42 - 2013-02-10 13:24 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-01 14:40 - 2013-02-08 12:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-01 14:23 - 2012-01-16 08:46 - 00001136 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-365492360-3355046920-2098280994-1000UA.job
2014-11-01 14:22 - 2013-02-10 13:24 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-01 14:19 - 2013-09-16 14:25 - 00000501 _____ () C:\Windows\system32\checkdnsid.xml
2014-11-01 14:02 - 2014-02-21 12:20 - 00000000 ____D () C:\Users\Moonchild\AppData\Local\mozysync
2014-11-01 13:57 - 2012-01-15 12:46 - 01291526 _____ () C:\Windows\WindowsUpdate.log
2014-11-01 13:56 - 2011-04-12 08:43 - 00702942 _____ () C:\Windows\system32\perfh007.dat
2014-11-01 13:56 - 2011-04-12 08:43 - 00150582 _____ () C:\Windows\system32\perfc007.dat
2014-11-01 13:56 - 2009-07-14 06:13 - 01629348 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-01 13:56 - 2009-07-14 05:45 - 00031680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-01 13:56 - 2009-07-14 05:45 - 00031680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-01 13:49 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-01 11:18 - 2012-04-03 16:18 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-11-01 11:17 - 2013-03-03 10:40 - 00000000 ____D () C:\Users\Moonchild\AppData\Roaming\KeePass
2014-11-01 03:48 - 2012-01-15 17:33 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{330A11D1-DDF4-4F3D-9779-05555AECB1C3}
2014-11-01 01:31 - 2012-02-07 10:42 - 00010720 _____ () C:\Windows\mozy.blk
2014-11-01 01:31 - 2012-02-07 10:42 - 00005462 _____ () C:\Windows\mozy.flt
2014-10-31 22:22 - 2014-04-03 23:41 - 00000000 ___RD () C:\Users\Moonchild\Downloads\Aktuell gucken
2014-10-31 16:24 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-31 16:23 - 2012-04-25 23:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-31 13:23 - 2012-01-16 08:46 - 00001084 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-365492360-3355046920-2098280994-1000Core.job
2014-10-31 12:27 - 2014-09-25 09:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-30 23:20 - 2014-07-01 11:42 - 00001264 _____ () C:\Users\Admin\Desktop\Revo Uninstaller.lnk
2014-10-30 23:20 - 2014-07-01 11:42 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-30 23:16 - 2012-01-19 17:12 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-30 23:06 - 2013-09-14 14:19 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-30 23:04 - 2014-09-11 09:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-30 23:04 - 2013-10-27 00:20 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-30 23:04 - 2013-09-14 14:19 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-30 23:04 - 2013-09-14 14:19 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-30 23:04 - 2013-09-14 14:19 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-28 07:37 - 2012-02-02 00:45 - 08228684 _____ () C:\Windows\PFRO.log
2014-10-28 00:54 - 2013-03-06 17:09 - 00000000 ____D () C:\Users\Moonchild\AppData\Roaming\Dropbox
2014-10-27 17:34 - 2014-06-28 10:42 - 00000000 ____D () C:\Windows\ERUNT
2014-10-27 17:30 - 2014-02-24 20:03 - 00000000 ____D () C:\Program Files (x86)\Secure Banking
2014-10-27 16:56 - 2014-04-22 12:12 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-27 16:56 - 2014-04-22 12:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-10-27 16:53 - 2012-03-20 16:40 - 00025858 _____ () C:\Windows\LDPINST.LOG
2014-10-27 16:53 - 2012-03-20 16:40 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-10-27 16:53 - 2012-03-20 16:40 - 00004482 _____ () C:\Windows\LkmdfCoInst.log
2014-10-27 16:53 - 2012-03-20 16:40 - 00000000 ____D () C:\ProgramData\Logishrd
2014-10-27 16:53 - 2012-03-20 16:40 - 00000000 ____D () C:\Program Files\Logitech
2014-10-27 16:53 - 2012-03-20 16:39 - 00000000 ____D () C:\Program Files\Common Files\Logishrd
2014-10-27 16:52 - 2014-04-21 13:52 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Logitech
2014-10-27 16:44 - 2014-04-21 13:52 - 00118368 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-26 20:32 - 2012-01-25 00:31 - 00000561 _____ () C:\Users\Moonchild\AppData\Roaming\burnaware.ini
2014-10-26 20:30 - 2013-04-29 14:30 - 00000000 ____D () C:\Users\Moonchild\AppData\Roaming\vlc
2014-10-26 20:30 - 2012-11-26 22:07 - 00000000 ____D () C:\Users\Moonchild\AppData\Roaming\dvdcss
2014-10-26 08:30 - 2009-07-14 05:45 - 00445688 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-25 23:18 - 2014-02-24 20:33 - 00000032 _____ () C:\Windows\SysWOW64\thxcfg.ini
2014-10-25 23:18 - 2013-04-07 12:16 - 00000000 ____D () C:\Program Files (x86)\TrojanHunter 5.5
2014-10-25 16:45 - 2012-01-15 14:42 - 00118368 _____ () C:\Users\Moonchild\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-24 09:53 - 2014-04-21 13:52 - 00000000 ____D () C:\Users\Admin
2014-10-23 12:18 - 2012-01-16 08:46 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-365492360-3355046920-2098280994-1000UA
2014-10-23 12:18 - 2012-01-16 08:46 - 00003718 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-365492360-3355046920-2098280994-1000Core
2014-10-19 12:06 - 2014-01-05 12:25 - 00000000 ____D () C:\Users\Moonchild\AppData\Local\gtk-2.0
2014-10-19 12:06 - 2013-04-09 07:45 - 00000000 ____D () C:\Users\Moonchild\.gimp-2.8
2014-10-18 23:52 - 2012-11-26 22:56 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-10-18 23:51 - 2012-01-15 15:38 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-18 18:37 - 2013-02-10 13:24 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-18 18:37 - 2013-02-10 13:24 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-17 21:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-17 20:25 - 2012-01-15 16:12 - 00000000 ____D () C:\Users\Administrator
2014-10-17 09:14 - 2012-01-15 19:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-17 09:12 - 2013-07-12 07:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-17 09:10 - 2012-01-16 11:57 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-17 08:49 - 2014-05-14 17:51 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-10-17 08:45 - 2013-02-08 12:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-17 08:45 - 2012-10-13 16:18 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-17 08:45 - 2012-10-13 16:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-16 11:48 - 2014-04-21 13:54 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\KeePass
2014-10-16 11:48 - 2013-03-03 10:36 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2
2014-10-05 09:25 - 2014-03-24 21:19 - 00000000 ____D () C:\Users\Moonchild\Downloads\Sechserpack
2014-10-03 23:49 - 2014-07-26 07:31 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
Files to move or delete:
====================
C:\Users\Admin\en_res.dll
C:\Users\Admin\es_res.dll
C:\Users\Admin\fr_res.dll
C:\Users\Admin\grm_res.dll
C:\Users\Admin\it_res.dll
C:\Users\Admin\jp_res.dll
C:\Users\Admin\mfc80u.dll
C:\Users\Admin\msvcr80.dll
C:\Users\Admin\PCPE Setup.exe
C:\Users\Admin\pt_res.dll
C:\Users\Admin\ResourceReader.dll
C:\Users\Admin\ru_res.dll
C:\Users\Admin\zh_res.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-26 15:12
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-11-2014
Ran by Moonchild at 2014-11-01 15:29:14
Running from K:\COMPUTER\Neuinstall Windows 7\Die wichtigsten Programme\Sicherheit\Sicherheitstools\Antivirenaktion
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Virenschutz (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
FW: Bitdefender Firewall (Disabled) {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version: - )
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Advanced PDF Password Recovery (HKCU\...\Advanced PDF Password Recovery) (Version: 4.0 - ElcomSoft Co. Ltd.)
Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.51 - Hulubulu Software)
Amazon Cloud Drive (HKLM-x32\...\{9A766E33-BB01-480F-ABFC-424B8AC11212}) (Version: 0.11.12.0 - Amazon.com)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: - Amazon)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.0.0.192 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{46DA7FD9-8BC1-7BA8-98D1-27F46647871B}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2001616110.48.56.4132210 - Audible, Inc.)
Aufgaben (HKLM-x32\...\{38AFF23A-CE45-4D7D-B8D4-3517125E7DD2}) (Version: 1.1.3 - Holliesoft)
Avidemux 2.5 (HKLM-x32\...\Avidemux 2.5 (64-bit)) (Version: 2.5.6.7716 - )
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin)
Batman: Arkham City™ (HKLM-x32\...\GFWL_{57520FA0-AC56-469B-9983-FF1000008300}) (Version: 1.0.0000.131 - WB Games)
Batman: Arkham City™ (x32 Version: 1.0.0000.131 - WB Games) Hidden
Batman: Arkham City™ (x32 Version: 1.0.0003.131 - WB Games) Hidden
Beurer HealthManager (HKLM-x32\...\Beurer HealthManager) (Version: 2.2.0.0 - Beurer Health And Well-Being)
Beurer HealthManager (x32 Version: 2.2.0.0 - Beurer Health And Well-Being) Hidden
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Bitdefender Internet Security 2013 (HKLM\...\Bitdefender) (Version: 16.26.0.1739 - Bitdefender)
BoxCryptor 1.5 (HKLM-x32\...\BoxCryptor) (Version: 1.5.410.149 - Secomba GmbH)
BurnAware Free 6.9.2 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware)
calibre 64bit (HKLM\...\{50A398DA-4562-40AA-9535-0A14C4AB1DD9}) (Version: 1.21.0 - Kovid Goyal)
CamStudio (HKLM-x32\...\CamStudio) (Version: - )
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - )
Canon MP540 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP540_series) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 3.14 - Piriform)
CD Bremse 1.49 (HKLM-x32\...\CD Bremse_is1) (Version: 1.49 - )
Cimaware OfficeFIX 6.xx (HKCU\...\Cimaware OfficeFIX 6.xx) (Version: - Cimaware Software)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
CPU Speed Pro version 3 (HKLM-x32\...\{E0E0C30A-89AF-11E0-951E-11904824019B}_is1) (Version: 3 - CPU Speed Pro)
CPUID CPU-Z 1.63.0 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CPUID HWMonitor Pro 1.16 (HKLM\...\CPUID HWMonitorPro_is1) (Version: - )
CrystalDiskInfo 6.1.12 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.12 - Crystal Dew World)
CrystalDiskMark 3.0.1b (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.1b - Crystal Dew World)
CUEcards® 2005 (HKLM-x32\...\{C0E7B43A-39F7-4ADA-BF28-B988544F2833}) (Version: 4.29.0 - Marcus Humann Software-Technik)
Data Lifeguard Diagnostic for Windows 1.24 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
Debugging Tools for Windows (HKLM-x32\...\{1C943495-B69F-4D41-AE0E-23C57ECD90EE}) (Version: 6.4.7.2 - Microsoft Corporation)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.2.1.0 - devolo AG)
Digitale Bibliothek 4 (HKLM-x32\...\Digitale Bibliothek 4) (Version: - )
DisplayView Click (HKLM-x32\...\{7B2E26A2-84CF-4B58-86ED-DE8E73391BDB}) (Version: 5.30.002 - Portrait Displays, Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
Doc Scrubber v1.2 (HKLM-x32\...\Doc Scrubber_is1) (Version: 1.2 - BrightFort LLC)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.13 - Dolby Laboratories Inc)
Dragon Age Redesigned © Morrigan (HKCU\...\Dragon Age Redesigned © Morrigan) (Version: - )
Dragon Age Redesigned- Leliana's Song (HKCU\...\Dragon Age Redesigned- Leliana's Song) (Version: - )
Dragon Age Redesigned Oghren© (HKCU\...\Dragon Age Redesigned Oghren©) (Version: - )
Dragon Age Redesigned© Zevran (HKCU\...\Dragon Age Redesigned© Zevran) (Version: - )
Dragon Age Redesigned© (HKCU\...\Dragon Age Redesigned©) (Version: - )
Dragon Age Redesigned© Leliana (HKCU\...\Dragon Age Redesigned© Leliana) (Version: - )
Dragon Age Redesigned© Sten (HKCU\...\Dragon Age Redesigned© Sten) (Version: - )
Dragon Age Redesigned© Wynne (HKCU\...\Dragon Age Redesigned© Wynne) (Version: - )
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
EasyBCD 2.1.2 (HKLM-x32\...\EasyBCD) (Version: 2.1.2 - NeoSmart Technologies)
EMET 4.1 (HKLM-x32\...\{65BC2BDA-D828-4596-99E4-A8799C45C84C}) (Version: 4.1 - Microsoft Corporation)
Emsisoft Anti-Malware (HKLM-x32\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 6.0 - Emsi Software GmbH)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
EssentialPIM (HKLM-x32\...\EssentialPIM) (Version: 5.51 - Astonsoft Ltd)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.115 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.115 - Etron Technology) Hidden
FlashCatch (HKLM-x32\...\{A0AB2980-1FDD-4b6c-940C-FC87C84F05B7}_is1) (Version: - )
Folderico 4.0 RC12 (HKLM-x32\...\Folderico) (Version: 4.0 RC12 - Shedko ( www.softq.org ))
Free Alarm Clock 3.1.0 (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 3.1 - Comfort Software Group)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.15.0 - Futuremark Corporation)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.25.000 - Runtime Software)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GMX ProfiFax (HKLM-x32\...\GMX ProfiFax) (Version: 2.00.222 - GMX GmbH)
GMX SMS-Manager (HKLM-x32\...\GMX SMS-Manager) (Version: - )
Google Chrome (HKCU\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.232 - SurfRight B.V.)
HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.)
Hot Alarm Clock 4.2.0.0 (HKLM-x32\...\{672C1EE5-D13F-4EDB-A8CA-26711696C040}_is1) (Version: 4.2 - Comfort Software Group)
Hot CPU Tester Pro 4.4.1 (HKLM-x32\...\{BEE9DFE1-7CDF-4D1C-A473-3B3DF8FF1431}_is1) (Version: 4.4 - 7Byte Computers)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{5E11C972-1E76-45FE-8F92-14E0D1140B1B}) (Version: 10.5.3.3 - Apple Inc.)
JPEG Resampler Vs 5.99.99 (HKLM-x32\...\JPEG Resampler_is1) (Version: - David Macek)
KeePass Password Safe 2.28 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.28 - Dominik Reichl)
Klebezettel NG (Version 2.9.12) (HKLM-x32\...\{4F81901F-3655-4340-8227-F687F69A3C79}}_is1) (Version: - )
K-Lite Codec Pack 9.8.0 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.8.0 - )
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MAXQDA 10 (R210312) (HKLM-x32\...\MAXQDA10) (Version: (R210312) - VERBI Software.Consult.Sozialforschung GmbH)
MAXQDA 10 Reader (R240113) (HKLM-x32\...\MAXQDA10Reader) (Version: (R240113) - VERBI Software.Consult.Sozialforschung GmbH)
MDB Repair Tool (HKLM-x32\...\ST6UNST #1) (Version: - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Ultimate 2007 (HKLM-x32\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM-x32\...\{48B08845-0CB0-45EC-893C-15319ADDA312}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{68ADAEAA-DABD-45C1-9CC2-F995407549CD}) (Version: 7601 - Microsoft)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.145.0 - Microsoft Corporation)
MonitorTest V3.1 (HKLM-x32\...\MonitorTest_is1) (Version: 3.1 - PassMark Software)
Mozilla Firefox 33.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 de)) (Version: 33.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozy Sync (HKLM\...\{FEC9F6A9-556B-490D-8BF3-BD09A37C4DA1}) (Version: 1.2.1.4039 - Mozy, Inc)
MozyHome (HKLM\...\{06BFC7A0-2C6A-ED03-5684-37E8949A5823}) (Version: 2.26.0.376 - Mozy, Inc.)
MSXML 4.0 (x32 Version: 4.20.9818.0 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.49.0 - Black Tree Gaming)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
PC Connectivity Solution (HKLM-x32\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
PDF Architect (HKLM-x32\...\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}) (Version: 1.0.52.8917 - pdfforge)
PDF Password Remover v3.1 (HKLM-x32\...\PDF Password Remover v3.1_is1) (Version: - VeryPDF.com Inc)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.210.0 - Tracker Software Products Ltd)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pivot Pro Plugin (x32 Version: 9.50.110 - Portrait Displays, Inc.) Hidden
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.2.10 - Prolific Technology INC)
PowerChute Personal Edition 3.0.2 (HKLM-x32\...\{8ED262EE-FC73-47A9-BB86-D92223246881}) (Version: 3.0.2 - Schneider Electric)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6519 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.42 - Piriform)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
Samsung New PC Studio USB Driver Installer (HKLM-x32\...\InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio USB Driver Installer (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
SamsungConnectivityCableDriver (HKLM-x32\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
Sandboxie 4.08 (64-bit) (HKLM\...\Sandboxie) (Version: 4.08 - Sandboxie Holdings, LLC)
SDK (x32 Version: 2.34.014 - Portrait Displays, Inc.) Hidden
SDS (Shutdown Scheduler) (HKLM-x32\...\CWK) (Version: 2.50.2.40 - Damian Pasternak)
Secure Banking (HKLM-x32\...\{2088356A-A860-4619-B6DC-F6785AEBBBF7}) (Version: 2.0.0 - Machinecode Technologies)
Secure Banking Version 1.5.2 (HKLM-x32\...\{0BEE0AF9-79F3-4C4F-B374-90C0A16BF294}_is1) (Version: 1.5.2 - Hopfgartner Niklas)
Service Pack 1 for SQL Server 2008 R2 (KB2528583) (HKLM-x32\...\KB2528583) (Version: 10.51.2500.0 - Microsoft Corporation)
SIW version 2011.10.29 (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2011.10.29 - Topala Software Solutions)
SMPlayer 0.8.0 (x64) (HKLM\...\SMPlayer) (Version: 0.8.0 - Ricardo Villalba)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.5.2 - Krzysztof Kowalczyk)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TaskUnifier 3.1.1 (HKLM-x32\...\TaskUnifier 3.1.1) (Version: 3.1.1 - )
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version: - Telltale Games)
TimeComX Basic (64-Bit) (HKLM-x32\...\TimeComX Basic 64-Bit) (Version: 1.3.2.4 - Bitdreamers)
Trend Micro RUBotted 2.0 Beta (HKLM-x32\...\{54D4EAF5-4C80-4878-B4AC-5AE454A02E3C}_is1) (Version: 2.0.0.1034 - Trend Micro, Inc.)
TrojanHunter 5.5 (HKLM-x32\...\TrojanHunter_is1) (Version: 5.5 - Mischel Internet Security)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ULTIMATER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ULTIMATER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ULTIMATER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ULTIMATER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Veoh Web Player (HKLM-x32\...\Veoh Web Player Beta) (Version: 1.1.2.0000 - Veoh Networks, Inc.)
Vista Shortcut Manager x64 (HKLM\...\{C7311329-C491-427B-8880-133E84869B3A}) (Version: 2.0 - Frameworkx)
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) (HKLM\...\{4A5A427F-BA39-4BF0-7777-9A47FBE60C9F}) (Version: 11.0.200 - Nuance Communications Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WhoCrashed 4.01 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
Wieldy 0.3.1.996 (HKLM-x32\...\Wieldy) (Version: 0.3.1.996 - Kevin Erath)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0) (HKLM\...\BC15EA930074932BB2C4B4493C9FD4EA95087D1A) (Version: 10/12/2007 6.85.4.0 - Nokia)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
x64 Components v3.9.6 (HKLM\...\x64 Components_is1) (Version: 3.9.6 - Shark007)
xp-AntiSpy 3.98-1 (HKLM-x32\...\xp-AntiSpy) (Version: - Christian Taubenheim)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-365492360-3355046920-2098280994-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Moonchild\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-365492360-3355046920-2098280994-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Moonchild\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-365492360-3355046920-2098280994-1000_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-365492360-3355046920-2098280994-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Moonchild\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-365492360-3355046920-2098280994-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Moonchild\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-365492360-3355046920-2098280994-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Moonchild\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-365492360-3355046920-2098280994-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Moonchild\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-365492360-3355046920-2098280994-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Moonchild\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Restore Points =========================
Could not list Restore Points. Check "winmgmt" service or repair WMI.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2014-06-01 00:18 - 00450709 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-365492360-3355046920-2098280994-1000Core.job => C:\Users\Moonchild\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-365492360-3355046920-2098280994-1000UA.job => C:\Users\Moonchild\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-11-26 15:41 - 2012-09-26 11:14 - 00091504 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook64.dll
2013-11-26 15:40 - 2012-09-26 11:14 - 00273264 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dthook.dll
2013-03-07 11:52 - 2013-10-24 14:11 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll
2011-10-07 10:39 - 2011-10-07 10:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2012-01-15 19:36 - 2013-02-05 14:40 - 00094416 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
2013-11-21 10:14 - 2013-11-21 10:14 - 00114176 _____ () C:\Program Files (x86)\EMET 4.1\HelperLib.dll
2013-11-12 09:22 - 2013-11-12 09:22 - 00028672 _____ () C:\Program Files (x86)\EMET 4.1\ReportingSubsystem.dll
2013-11-21 10:14 - 2013-11-21 10:14 - 00348160 _____ () C:\Program Files (x86)\EMET 4.1\DevExpress.UserSkins.HighContrast.dll
2013-11-21 10:14 - 2013-11-21 10:14 - 00023040 _____ () C:\Program Files (x86)\EMET 4.1\TrayIconSubsystem.dll
2013-11-21 10:14 - 2013-11-21 10:14 - 00042496 _____ () C:\Program Files (x86)\EMET 4.1\PKIPinningSubsystem.dll
2013-03-29 16:10 - 2013-10-24 14:11 - 00099256 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\bdmetrics.dll
2013-07-24 14:29 - 2013-10-24 14:10 - 00436024 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\bdidntconp.dll
2013-03-29 16:10 - 2013-10-24 14:11 - 00164352 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\UI\bdidntconp.ui
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\Users\Moonchild\Downloads\DANZIG Mama1.avi:TOC.WMV
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MozyHome Status.lnk => C:\Windows\pss\MozyHome Status.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk => C:\Windows\pss\Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Moonchild^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^A Note.lnk => C:\Windows\pss\A Note.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Moonchild^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^click.to.lnk => C:\Windows\pss\click.to.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Moonchild^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AutoStartNPSAgent => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: DNS7reminder => "C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini"
MSCONFIG\startupreg: Dolby Home Theater v4 => "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: GMX SMS-Manager => C:\Program Files (x86)\GMX\GMX SMS-Manager\SMSMngr.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Moonchild\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: IntelTBRunOnce => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: iTunesHelper => "K:\Windows_SSD\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Klebezettel NG => "C:\Program Files (x86)\Klebezettel NG\klebez.exe"
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: Philips Device Listener => "C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe"
MSCONFIG\startupreg: PivotSoftware => "C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe" -delay=10
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: THGuard => "C:\Program Files (x86)\TrojanHunter 5.5\THGuard.exe"
MSCONFIG\startupreg: TrojanScanner => C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot
MSCONFIG\startupreg: VeohPlugin => "C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
========================= Accounts: ==========================
Admin (S-1-5-21-365492360-3355046920-2098280994-1007 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-365492360-3355046920-2098280994-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-365492360-3355046920-2098280994-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-365492360-3355046920-2098280994-1006 - Limited - Enabled)
Moonchild (S-1-5-21-365492360-3355046920-2098280994-1000 - Limited - Enabled) => C:\Users\Moonchild
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/01/2014 03:27:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 1.11.2014.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: db8
Startzeit: 01cff5dfc281f889
Endzeit: 4
Anwendungspfad: K:\COMPUTER\Neuinstall Windows 7\Die wichtigsten Programme\Sicherheit\Sicherheitstools\Antivirenaktion\FRST64.exe
Berichts-ID:
Error: (11/01/2014 01:49:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/01/2014 01:28:57 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (10/31/2014 06:20:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/31/2014 04:24:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/31/2014 02:53:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WINWORD.EXE, Version: 12.0.6705.5000, Zeitstempel: 0x5418f06f
Name des fehlerhaften Moduls: oart.dll, Version: 12.0.6683.5002, Zeitstempel: 0x520bb41f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000a3e3
ID des fehlerhaften Prozesses: 0x11a0
Startzeit der fehlerhaften Anwendung: 0xWINWORD.EXE0
Pfad der fehlerhaften Anwendung: WINWORD.EXE1
Pfad des fehlerhaften Moduls: WINWORD.EXE2
Berichtskennung: WINWORD.EXE3
Error: (10/31/2014 10:13:25 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (10/31/2014 08:46:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/30/2014 10:42:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/30/2014 09:39:02 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
System errors:
=============
Error: (10/31/2014 09:25:30 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "MOON-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4DF0BC07-DF5B-4C57-9CC8-00672E37F925}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (10/30/2014 06:42:17 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FRITZ-NAS",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4DF0BC07-DF5B-4C57-9CC8-00672E37F925}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (10/28/2014 08:40:33 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk5\DR5.
Error: (10/28/2014 08:40:30 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk5\DR5.
Error: (10/28/2014 08:40:27 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk5\DR5.
Error: (10/28/2014 08:40:25 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk5\DR5.
Error: (10/28/2014 08:40:22 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk5\DR5.
Error: (10/28/2014 08:40:20 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk5\DR5.
Error: (10/28/2014 08:40:17 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk5\DR5.
Error: (10/28/2014 08:40:14 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk5\DR5.
Microsoft Office Sessions:
=========================
Error: (10/31/2014 02:53:42 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6705.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 12920 seconds with 1680 seconds of active time. This session ended with a crash.
Error: (05/03/2014 01:57:54 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 16 seconds with 0 seconds of active time. This session ended with a crash.
Error: (03/26/2014 01:24:41 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 11873 seconds with 2040 seconds of active time. This session ended with a crash.
Error: (02/17/2014 02:42:10 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 48 seconds with 0 seconds of active time. This session ended with a crash.
Error: (01/17/2014 09:45:27 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 22 seconds with 0 seconds of active time. This session ended with a crash.
Error: (03/16/2013 05:37:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash.
Error: (03/08/2013 06:40:22 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 32 seconds with 0 seconds of active time. This session ended with a crash.
Error: (02/09/2013 01:57:01 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 0 seconds with 0 seconds of active time. This session ended with a crash.
Error: (12/17/2012 03:29:40 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 752 seconds with 180 seconds of active time. This session ended with a crash.
Error: (12/16/2012 05:56:15 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 957 seconds with 780 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2014-11-01 15:20:21.350
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-01 14:37:08.948
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-01 14:22:39.985
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-01 14:15:06.755
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-01 14:02:03.183
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-01 13:49:27.736
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-31 18:30:33.683
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-31 18:20:14.264
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-31 16:24:05.326
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-31 08:58:22.668
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3570S CPU @ 3.10GHz
Percentage of memory in use: 51%
Total physical RAM: 8175.11 MB
Available physical RAM: 3967.54 MB
Total Pagefile: 20173.29 MB
Available Pagefile: 15314.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:119.14 GB) (Free:61.42 GB) NTFS
Drive d: (Win-7 Reserve) (Fixed) (Total:100 GB) (Free:89.6 GB) NTFS
Drive e: (Win7-Games) (Fixed) (Total:100.01 GB) (Free:16.63 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Wissenschaft Sicherheit) (Fixed) (Total:200 GB) (Free:76.73 GB) NTFS
Drive g: (Big One 2) (Fixed) (Total:1563.01 GB) (Free:1161.68 GB) NTFS
Drive j: (Wissenschaft ) (Fixed) (Total:200.02 GB) (Free:68.81 GB) NTFS
Drive k: (Big One) (Fixed) (Total:1562.99 GB) (Free:832.45 GB) NTFS
Drive s: (Volume) (Fixed) (Total:60.15 GB) (Free:11.2 GB) NTFS
==================== MBR & Partition Table ==================
==================== End Of Log ============================
Wie sieht die Sache für Euch aus? Entwarnung oder "weiter graben"? Grüße |
|
01.11.2014, 16:11
| #2 |
| /// the machine /// TB-Ausbilder    | HitmanPro Alert gibt Warnung aus - Browser kompromittiert? hi,
__________________Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
01.11.2014, 16:33
| #3 |
| | HitmanPro Alert gibt Warnung aus - Browser kompromittiert? Er hat etwas gefunden (1 Fund); Log hier:
__________________Code:
ATTFilter 16:22:16.0492 0x235c TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
16:22:22.0372 0x235c ============================================================
16:22:22.0372 0x235c Current date / time: 2014/11/01 16:22:22.0372
16:22:22.0372 0x235c SystemInfo:
16:22:22.0372 0x235c
16:22:22.0372 0x235c OS Version: 6.1.7601 ServicePack: 1.0
16:22:22.0372 0x235c Product type: Workstation
16:22:22.0372 0x235c ComputerName: MOONCHILD-PC
16:22:22.0372 0x235c UserName: Admin
16:22:22.0372 0x235c Windows directory: C:\Windows
16:22:22.0372 0x235c System windows directory: C:\Windows
16:22:22.0373 0x235c Running under WOW64
16:22:22.0373 0x235c Processor architecture: Intel x64
16:22:22.0373 0x235c Number of processors: 4
16:22:22.0373 0x235c Page size: 0x1000
16:22:22.0373 0x235c Boot type: Normal boot
16:22:22.0373 0x235c ============================================================
16:22:22.0484 0x235c KLMD registered as C:\Windows\system32\drivers\87588815.sys
16:22:23.0449 0x235c System UUID: {889C40E7-AF1F-A588-5264-95CD246E99DA}
16:22:24.0146 0x235c Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:22:24.0146 0x235c Drive \Device\Harddisk1\DR1 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0xE584, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040
16:22:24.0162 0x235c Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:22:24.0318 0x235c Drive \Device\Harddisk3\DR3 - Size: 0xF0A000000 ( 60.16 Gb ), SectorSize: 0x200, Cylinders: 0x1EAC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:22:24.0322 0x235c ============================================================
16:22:24.0322 0x235c \Device\Harddisk0\DR0:
16:22:24.0322 0x235c MBR partitions:
16:22:24.0322 0x235c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC805000
16:22:24.0322 0x235c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC805800, BlocksNum 0x19009800
16:22:24.0322 0x235c \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2580F000, BlocksNum 0xC35F8800
16:22:24.0322 0x235c \Device\Harddisk1\DR1:
16:22:24.0323 0x235c MBR partitions:
16:22:24.0323 0x235c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:22:24.0323 0x235c \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
16:22:24.0323 0x235c \Device\Harddisk2\DR2:
16:22:24.0323 0x235c MBR partitions:
16:22:24.0323 0x235c \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC800000
16:22:24.0323 0x235c \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0xC800800, BlocksNum 0x19000000
16:22:24.0323 0x235c \Device\Harddisk2\DR2\Partition3: MBR, Type 0x7, StartLBA 0x25800800, BlocksNum 0xC3607000
16:22:24.0323 0x235c \Device\Harddisk3\DR3:
16:22:24.0323 0x235c MBR partitions:
16:22:24.0324 0x235c \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x784E800
16:22:24.0324 0x235c ============================================================
16:22:24.0325 0x235c C: <-> \Device\Harddisk1\DR1\Partition2
16:22:24.0341 0x235c E: <-> \Device\Harddisk0\DR0\Partition1
16:22:24.0370 0x235c J: <-> \Device\Harddisk0\DR0\Partition2
16:22:24.0436 0x235c K: <-> \Device\Harddisk0\DR0\Partition3
16:22:24.0442 0x235c S: <-> \Device\Harddisk3\DR3\Partition1
16:22:24.0455 0x235c D: <-> \Device\Harddisk2\DR2\Partition1
16:22:24.0473 0x235c F: <-> \Device\Harddisk2\DR2\Partition2
16:22:24.0494 0x235c G: <-> \Device\Harddisk2\DR2\Partition3
16:22:24.0494 0x235c ============================================================
16:22:24.0495 0x235c Initialize success
16:22:24.0495 0x235c ============================================================
16:22:59.0851 0x0d60 ============================================================
16:22:59.0851 0x0d60 Scan started
16:22:59.0851 0x0d60 Mode: Manual; SigCheck; TDLFS;
16:22:59.0851 0x0d60 ============================================================
16:22:59.0851 0x0d60 KSN ping started
16:23:02.0627 0x0d60 KSN ping finished: true
16:23:04.0342 0x0d60 ================ Scan system memory ========================
16:23:04.0342 0x0d60 System memory - ok
16:23:04.0343 0x0d60 ================ Scan services =============================
16:23:04.0385 0x0d60 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
16:23:04.0492 0x0d60 1394ohci - ok
16:23:04.0503 0x0d60 7ByteIo - ok
16:23:04.0508 0x0d60 [ 465BA0FED922BC2E5C97A95BC5AF1CDC, 1CAA8D65D87D8AEF5EE1BEC72339E42B8F6D0E050D070D15BB7D2C2B27BF6446 ] a2acc C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
16:23:04.0532 0x0d60 a2acc - ok
16:23:04.0624 0x0d60 [ 133E9D8945F8ADAA60101902DB7467B3, 110941D28A68D59DBA18F4A6C4C4D44577C4F06202E2AC0E605BD7EBD3EA5446 ] a2AntiMalware C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
16:23:04.0827 0x0d60 a2AntiMalware - ok
16:23:04.0837 0x0d60 [ D27A8B7BB0E15DFBFC6B4E774EE17AD9, CBAD45B3FFFD30C34AF918009F699B65F89043D0799FC25D2472381912F86F93 ] A2DDA C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys
16:23:04.0855 0x0d60 A2DDA - ok
16:23:04.0860 0x0d60 [ 05936579605018BD2BC528FF2C1AD95F, 763C2E76F9078F6A74D5BCCB4DD8A10C82AEB9C9F5A45C3706A587FA2D03E7D3 ] a2injectiondriver C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys
16:23:04.0878 0x0d60 a2injectiondriver - ok
16:23:04.0883 0x0d60 [ 0932B29AA1B9372FFE6D3AF8BA2ABA3A, 78312D140FB0383E797F715C9CFE53F25A60CB02A4466F6488B14E5558E609EC ] a2util C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys
16:23:04.0899 0x0d60 a2util - ok
16:23:04.0913 0x0d60 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:23:04.0940 0x0d60 ACPI - ok
16:23:04.0945 0x0d60 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:23:04.0969 0x0d60 AcpiPmi - ok
16:23:04.0996 0x0d60 [ 2637233632CCD1837A1A57A43CAF00A4, 848026C6C9B38FD9F70BC7B2306BF4F5DD395726D4FDD6A18B29354921191DC5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:23:05.0019 0x0d60 AdobeFlashPlayerUpdateSvc - ok
16:23:05.0038 0x0d60 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
16:23:05.0085 0x0d60 adp94xx - ok
16:23:05.0100 0x0d60 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
16:23:05.0125 0x0d60 adpahci - ok
16:23:05.0135 0x0d60 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
16:23:05.0156 0x0d60 adpu320 - ok
16:23:05.0165 0x0d60 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:23:05.0213 0x0d60 AeLookupSvc - ok
16:23:05.0231 0x0d60 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
16:23:05.0270 0x0d60 AFD - ok
16:23:05.0276 0x0d60 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
16:23:05.0293 0x0d60 agp440 - ok
16:23:05.0299 0x0d60 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
16:23:05.0320 0x0d60 ALG - ok
16:23:05.0325 0x0d60 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
16:23:05.0340 0x0d60 aliide - ok
16:23:05.0351 0x0d60 [ 4C1E3649C89C7D542CD18ECC5210099D, 0D6CDA3E8E66DEFAA638A59B674D290035C3189C81C4C1EE4A359EC7918FA19A ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:23:05.0387 0x0d60 AMD External Events Utility - ok
16:23:05.0391 0x0d60 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
16:23:05.0403 0x0d60 amdide - ok
16:23:05.0408 0x0d60 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
16:23:05.0424 0x0d60 AmdK8 - ok
16:23:05.0683 0x0d60 [ A3C0A15B39F979E8F3EABA901D72ECD7, D8D5C89FC85498D37EB33C75AC22F3B1FCFDB564BB11DEE63460023BA860ACF6 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
16:23:06.0154 0x0d60 amdkmdag - ok
16:23:06.0184 0x0d60 [ 20F3CD38B107C1BD747C0EA37D450165, 7C166B084A5AF45926DED78A5E3DC378ED3F744D46DE154A0FD83B000D3F60C3 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
16:23:06.0224 0x0d60 amdkmdap - ok
16:23:06.0232 0x0d60 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
16:23:06.0252 0x0d60 AmdPPM - ok
16:23:06.0260 0x0d60 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:23:06.0279 0x0d60 amdsata - ok
16:23:06.0289 0x0d60 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
16:23:06.0311 0x0d60 amdsbs - ok
16:23:06.0317 0x0d60 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:23:06.0333 0x0d60 amdxata - ok
16:23:06.0340 0x0d60 [ 107AB19CC1D40B9D04537F6EEAAC34C9, 3EE00EFCBF80CD4470EAF90C39285B35749EC9CC5822B882379D3D40400E1815 ] APC Data Service C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
16:23:06.0361 0x0d60 APC Data Service - ok
16:23:06.0384 0x0d60 [ C7F8C8080B055B3DE9A8141DFD8E308A, E4BB4EA75B8DEF4D410CC0B9EABE487F9207057E76BB8FB30326135659E5241A ] APC UPS Service C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
16:23:06.0440 0x0d60 APC UPS Service - ok
16:23:06.0447 0x0d60 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
16:23:06.0486 0x0d60 AppID - ok
16:23:06.0490 0x0d60 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:23:06.0529 0x0d60 AppIDSvc - ok
16:23:06.0533 0x0d60 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
16:23:06.0551 0x0d60 Appinfo - ok
16:23:06.0559 0x0d60 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
16:23:06.0580 0x0d60 AppMgmt - ok
16:23:06.0585 0x0d60 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
16:23:06.0599 0x0d60 arc - ok
16:23:06.0605 0x0d60 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:23:06.0622 0x0d60 arcsas - ok
16:23:06.0636 0x0d60 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:23:06.0654 0x0d60 aspnet_state - ok
16:23:06.0658 0x0d60 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:23:06.0694 0x0d60 AsyncMac - ok
16:23:06.0698 0x0d60 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
16:23:06.0711 0x0d60 atapi - ok
16:23:06.0718 0x0d60 [ 2B3B05C0A7768BF033217EB8F33F9C35, F7B13158440CAE46EC93F29BA47A960194A5A2AD71B5BF628AF4661CEE096402 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
16:23:06.0733 0x0d60 AtiHDAudioService - ok
16:23:06.0752 0x0d60 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:23:06.0808 0x0d60 AudioEndpointBuilder - ok
16:23:06.0826 0x0d60 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:23:06.0878 0x0d60 AudioSrv - ok
16:23:06.0901 0x0d60 [ E058520EEE9DAC4613D846596FF82D92, 0291075CA16ACB79F4989DE44D381F5742A2A3601F22C3600AE236D864E3370E ] avc3 C:\Windows\system32\DRIVERS\avc3.sys
16:23:06.0935 0x0d60 avc3 - ok
16:23:06.0945 0x0d60 [ 3B9549FEF98AB1768A1D6A919F355B70, 0014914051CB54CD7CC25561D29099A19DCFB2E1810FF635F9B6AD3D9C6FBC4B ] avchv C:\Windows\system32\DRIVERS\avchv.sys
16:23:06.0966 0x0d60 avchv - ok
16:23:06.0986 0x0d60 [ 62C4DB41DAEA0FC1F5CB103B023D1068, 8C04FDF08CB487A775C8970527AE8115D9CE538781C607F703EE49674C63BA56 ] avckf C:\Windows\system32\DRIVERS\avckf.sys
16:23:07.0023 0x0d60 avckf - ok
16:23:07.0029 0x0d60 [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject C:\Windows\system32\drivers\avmeject.sys
16:23:07.0046 0x0d60 avmeject - ok
16:23:07.0054 0x0d60 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:23:07.0082 0x0d60 AxInstSV - ok
16:23:07.0100 0x0d60 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
16:23:07.0137 0x0d60 b06bdrv - ok
16:23:07.0150 0x0d60 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:23:07.0178 0x0d60 b57nd60a - ok
16:23:07.0195 0x0d60 [ 6618F3780323393458130C1BEA90AFEC, 78084BB9C5797C99EA693AC7E51E44D05C55BD99745AAFD3FC7A62CF86FF2AC2 ] BdDesktopParental C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe
16:23:07.0215 0x0d60 BdDesktopParental - ok
16:23:07.0223 0x0d60 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
16:23:07.0244 0x0d60 BDESVC - ok
16:23:07.0252 0x0d60 [ 3FAFE12C5D1D4D5F3567E7A0A2F15A7C, B77455872683563C12963E1D8FC349FB33B048D615FD299571A2DCF1598C0A9F ] BdfNdisf c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
16:23:07.0272 0x0d60 BdfNdisf - ok
16:23:07.0279 0x0d60 [ 4CE4B0098FC315C237FA8867F07886C4, 475B2D86EE7658372D868ABC9ACA965FDD8212D3AE2C6E4749DC53DBA3DC19D6 ] bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
16:23:07.0298 0x0d60 bdfwfpf - ok
16:23:07.0305 0x0d60 [ 5B9DECBB17E58AB7C3A41EEF6B216768, EBBEB7E48308F7C6D52DC232345C4C52DA079F0441B3F7139080BA28A7F5AE0D ] BDSandBox C:\Windows\system32\drivers\bdsandbox.sys
16:23:07.0324 0x0d60 BDSandBox - ok
16:23:07.0328 0x0d60 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
16:23:07.0374 0x0d60 Beep - ok
16:23:07.0398 0x0d60 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
16:23:07.0443 0x0d60 BFE - ok
16:23:07.0472 0x0d60 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
16:23:07.0550 0x0d60 BITS - ok
16:23:07.0557 0x0d60 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
16:23:07.0577 0x0d60 blbdrive - ok
16:23:07.0586 0x0d60 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:23:07.0609 0x0d60 bowser - ok
16:23:07.0614 0x0d60 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
16:23:07.0639 0x0d60 BrFiltLo - ok
16:23:07.0645 0x0d60 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
16:23:07.0669 0x0d60 BrFiltUp - ok
16:23:07.0678 0x0d60 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
16:23:07.0703 0x0d60 Browser - ok
16:23:07.0715 0x0d60 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:23:07.0747 0x0d60 Brserid - ok
16:23:07.0754 0x0d60 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:23:07.0777 0x0d60 BrSerWdm - ok
16:23:07.0781 0x0d60 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:23:07.0799 0x0d60 BrUsbMdm - ok
16:23:07.0803 0x0d60 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:23:07.0817 0x0d60 BrUsbSer - ok
16:23:07.0822 0x0d60 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
16:23:07.0837 0x0d60 BthEnum - ok
16:23:07.0842 0x0d60 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
16:23:07.0861 0x0d60 BTHMODEM - ok
16:23:07.0867 0x0d60 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
16:23:07.0887 0x0d60 BthPan - ok
16:23:07.0903 0x0d60 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
16:23:07.0934 0x0d60 BTHPORT - ok
16:23:07.0939 0x0d60 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
16:23:07.0977 0x0d60 bthserv - ok
16:23:07.0982 0x0d60 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
16:23:07.0998 0x0d60 BTHUSB - ok
16:23:08.0011 0x0d60 [ EDF778CC01A2187B3FC36382C5A28D79, 7CD6AF9DF3CE6692F7BFECC1DFD4FD6664F8106E81636746D3958B4DD0DC8758 ] cbfs4 C:\Windows\system32\drivers\cbfs4.sys
16:23:08.0035 0x0d60 cbfs4 - ok
16:23:08.0040 0x0d60 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:23:08.0078 0x0d60 cdfs - ok
16:23:08.0085 0x0d60 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:23:08.0103 0x0d60 cdrom - ok
16:23:08.0108 0x0d60 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
16:23:08.0145 0x0d60 CertPropSvc - ok
16:23:08.0150 0x0d60 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
16:23:08.0168 0x0d60 circlass - ok
16:23:08.0174 0x0d60 [ B794DCF38C965FA2F93C45A7C3D582C5, 0E483EAF835B85AA4B6F449F9BB68AF0A3EE4192D29CD72F4B812F1E4D9E9A7C ] cleanhlp C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys
16:23:08.0190 0x0d60 cleanhlp - ok
16:23:08.0205 0x0d60 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
16:23:08.0232 0x0d60 CLFS - ok
16:23:08.0241 0x0d60 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:23:08.0258 0x0d60 clr_optimization_v2.0.50727_32 - ok
16:23:08.0267 0x0d60 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:23:08.0287 0x0d60 clr_optimization_v2.0.50727_64 - ok
16:23:08.0300 0x0d60 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:23:08.0325 0x0d60 clr_optimization_v4.0.30319_32 - ok
16:23:08.0333 0x0d60 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:23:08.0357 0x0d60 clr_optimization_v4.0.30319_64 - ok
16:23:08.0362 0x0d60 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
16:23:08.0380 0x0d60 CmBatt - ok
16:23:08.0385 0x0d60 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:23:08.0401 0x0d60 cmdide - ok
16:23:08.0418 0x0d60 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
16:23:08.0457 0x0d60 CNG - ok
16:23:08.0463 0x0d60 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
16:23:08.0478 0x0d60 Compbatt - ok
16:23:08.0483 0x0d60 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
16:23:08.0507 0x0d60 CompositeBus - ok
16:23:08.0511 0x0d60 COMSysApp - ok
16:23:08.0598 0x0d60 cpuz135 - ok
16:23:08.0603 0x0d60 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
16:23:08.0619 0x0d60 crcdisk - ok
16:23:08.0630 0x0d60 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:23:08.0656 0x0d60 CryptSvc - ok
16:23:08.0675 0x0d60 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
16:23:08.0713 0x0d60 CSC - ok
16:23:08.0737 0x0d60 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
16:23:08.0781 0x0d60 CscService - ok
16:23:08.0799 0x0d60 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:23:08.0853 0x0d60 DcomLaunch - ok
16:23:08.0864 0x0d60 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
16:23:08.0908 0x0d60 defragsvc - ok
16:23:08.0993 0x0d60 [ FA59D4BCD31B272CB363C0E62BC06F88, 5FF61E459E0A92CB36A0413AA7B842BF35E44ECCA4C4192BEDB9E07B5C103F94 ] DevoloNetworkService C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
16:23:09.0471 0x0d60 DevoloNetworkService - ok
16:23:09.0482 0x0d60 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:23:09.0531 0x0d60 DfsC - ok
16:23:09.0544 0x0d60 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
16:23:09.0575 0x0d60 Dhcp - ok
16:23:09.0581 0x0d60 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
16:23:09.0632 0x0d60 discache - ok
16:23:09.0639 0x0d60 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
16:23:09.0657 0x0d60 Disk - ok
16:23:09.0664 0x0d60 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
16:23:09.0685 0x0d60 dmvsc - ok
16:23:09.0694 0x0d60 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:23:09.0719 0x0d60 Dnscache - ok
16:23:09.0731 0x0d60 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
16:23:09.0784 0x0d60 dot3svc - ok
16:23:09.0791 0x0d60 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
16:23:09.0830 0x0d60 DPS - ok
16:23:09.0834 0x0d60 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:23:09.0848 0x0d60 drmkaud - ok
16:23:09.0855 0x0d60 [ 143909A4FF43EFEB03B6B115EF0C150D, DDCC77A69A35AB9B4592C186247042D2AB8AA29F9CAE6C8E0D6FDC6CF2AC53D5 ] DTSRVC C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
16:23:09.0882 0x0d60 DTSRVC - ok
16:23:09.0885 0x0d60 DUMeterDrv - ok
16:23:09.0910 0x0d60 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:23:09.0948 0x0d60 DXGKrnl - ok
16:23:09.0954 0x0d60 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
16:23:09.0997 0x0d60 EapHost - ok
16:23:10.0094 0x0d60 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
16:23:10.0236 0x0d60 ebdrv - ok
16:23:10.0245 0x0d60 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
16:23:10.0264 0x0d60 EFS - ok
16:23:10.0289 0x0d60 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:23:10.0335 0x0d60 ehRecvr - ok
16:23:10.0343 0x0d60 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
16:23:10.0367 0x0d60 ehSched - ok
16:23:10.0386 0x0d60 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
16:23:10.0419 0x0d60 elxstor - ok
16:23:10.0424 0x0d60 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:23:10.0442 0x0d60 ErrDev - ok
16:23:10.0450 0x0d60 [ 3DBC10CBC436288801FAEE66DE91AE47, CE50732C43AEB8ACF977DF7CF609C88CB022E596EBE0C0AA9DDBC4D6BB25B804 ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys
16:23:10.0472 0x0d60 EtronHub3 - ok
16:23:10.0479 0x0d60 [ DE261095A2220D400D9603E1E42D4185, F5C4493EDCE92EC46BC7940764F719131FE27AE695201EDF143D678881CD239D ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys
16:23:10.0503 0x0d60 EtronXHCI - ok
16:23:10.0521 0x0d60 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
16:23:10.0581 0x0d60 EventSystem - ok
16:23:10.0592 0x0d60 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
16:23:10.0645 0x0d60 exfat - ok
16:23:10.0655 0x0d60 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:23:10.0710 0x0d60 fastfat - ok
16:23:10.0734 0x0d60 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
16:23:10.0779 0x0d60 Fax - ok
16:23:10.0785 0x0d60 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
16:23:10.0800 0x0d60 fdc - ok
16:23:10.0804 0x0d60 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
16:23:10.0840 0x0d60 fdPHost - ok
16:23:10.0845 0x0d60 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
16:23:10.0881 0x0d60 FDResPub - ok
16:23:10.0886 0x0d60 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:23:10.0900 0x0d60 FileInfo - ok
16:23:10.0904 0x0d60 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:23:10.0940 0x0d60 Filetrace - ok
16:23:10.0943 0x0d60 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
16:23:10.0958 0x0d60 flpydisk - ok
16:23:10.0968 0x0d60 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:23:10.0988 0x0d60 FltMgr - ok
16:23:11.0025 0x0d60 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
16:23:11.0088 0x0d60 FontCache - ok
16:23:11.0095 0x0d60 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:23:11.0110 0x0d60 FontCache3.0.0.0 - ok
16:23:11.0116 0x0d60 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:23:11.0132 0x0d60 FsDepends - ok
16:23:11.0138 0x0d60 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:23:11.0153 0x0d60 Fs_Rec - ok
16:23:11.0162 0x0d60 [ 290EBA98AD0CE0D1B880B5D71194B069, 60CF4DBCFBF5EABE127663322E0CA2B324DB8A92039E7B7C044ACD64DBD324AB ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
16:23:11.0198 0x0d60 Futuremark SystemInfo Service - ok
16:23:11.0209 0x0d60 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:23:11.0236 0x0d60 fvevol - ok
16:23:11.0269 0x0d60 [ 8A3DB33B2FA1D0CAF7A70256E00EB996, 13F51EEB0088A8891620388843A8C3BA1D1526CF8AF1C5960E167FC4C877563A ] fwlanusb5 C:\Windows\system32\DRIVERS\fwlanusb5.sys
16:23:11.0326 0x0d60 fwlanusb5 - ok
16:23:11.0333 0x0d60 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:23:11.0350 0x0d60 gagp30kx - ok
16:23:11.0353 0x0d60 gdrv - ok
16:23:11.0359 0x0d60 [ E403AACF8C7BB11375122D2464560311, 0427B8FFD999D256EA1A5135F218692959A7577CB32354D3087CF0FB4F0577DF ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:23:11.0376 0x0d60 GEARAspiWDM - ok
16:23:11.0403 0x0d60 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
16:23:11.0479 0x0d60 gpsvc - ok
16:23:11.0488 0x0d60 GPU-Z - ok
16:23:11.0495 0x0d60 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:23:11.0513 0x0d60 gupdate - ok
16:23:11.0520 0x0d60 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:23:11.0534 0x0d60 gupdatem - ok
16:23:11.0542 0x0d60 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:23:11.0577 0x0d60 gusvc - ok
16:23:11.0587 0x0d60 [ 0A9D58AABD01DA97B1D101473EFA7659, C18EA4F5BF569C230AD682A418F69B6E4209AD467BCCBDABD0515DBB582BF04B ] gzflt C:\Windows\system32\DRIVERS\gzflt.sys
16:23:11.0609 0x0d60 gzflt - ok
16:23:11.0614 0x0d60 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:23:11.0634 0x0d60 hcw85cir - ok
16:23:11.0649 0x0d60 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:23:11.0685 0x0d60 HdAudAddService - ok
16:23:11.0694 0x0d60 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
16:23:11.0721 0x0d60 HDAudBus - ok
16:23:11.0727 0x0d60 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
16:23:11.0747 0x0d60 HidBatt - ok
16:23:11.0754 0x0d60 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
16:23:11.0779 0x0d60 HidBth - ok
16:23:11.0784 0x0d60 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
16:23:11.0802 0x0d60 HidIr - ok
16:23:11.0806 0x0d60 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
16:23:11.0843 0x0d60 hidserv - ok
16:23:11.0847 0x0d60 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:23:11.0862 0x0d60 HidUsb - ok
16:23:11.0868 0x0d60 [ E9499A51801037F4E7CD2D7937D76542, E908A7DC52E8FD4E611620E2E0D23D567B44F965208274C5CF571FC1694F1EB5 ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe
16:23:11.0883 0x0d60 HitmanProScheduler - ok
16:23:11.0889 0x0d60 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:23:11.0925 0x0d60 hkmsvc - ok
16:23:11.0930 0x0d60 [ CF07C0A9D38A248D036DD9C47E4D0D6E, 6952DA6466DAE2E378F92934E1925887DD122A511BC5D6A0EF2194108E320126 ] hmpalert C:\Windows\system32\drivers\hmpalert.sys
16:23:11.0945 0x0d60 hmpalert - ok
16:23:11.0990 0x0d60 [ 2638395F6E61889D75C363A80A0E17F4, D61FD993DA6605F32E6CDAC889285EB67F1A112BB9A294838BB90FCBF5FA11C1 ] hmpalertsvc C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
16:23:12.0060 0x0d60 hmpalertsvc - ok
16:23:12.0071 0x0d60 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:23:12.0092 0x0d60 HomeGroupListener - ok
16:23:12.0100 0x0d60 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:23:12.0120 0x0d60 HomeGroupProvider - ok
16:23:12.0125 0x0d60 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:23:12.0139 0x0d60 HpSAMD - ok
16:23:12.0158 0x0d60 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:23:12.0224 0x0d60 HTTP - ok
16:23:12.0230 0x0d60 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:23:12.0245 0x0d60 hwpolicy - ok
16:23:12.0252 0x0d60 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
16:23:12.0275 0x0d60 i8042prt - ok
16:23:12.0298 0x0d60 [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
16:23:12.0333 0x0d60 iaStor - ok
16:23:12.0341 0x0d60 [ D41861E56E7552C13674D7F147A02464, A361AE723FEEFD8D34D259F667ED14EEEC3B8ED6458522AC5D50C08E281B298B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
16:23:12.0362 0x0d60 IAStorDataMgrSvc - ok
16:23:12.0379 0x0d60 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:23:12.0409 0x0d60 iaStorV - ok
16:23:12.0437 0x0d60 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:23:12.0483 0x0d60 idsvc - ok
16:23:12.0489 0x0d60 IEEtwCollectorService - ok
16:23:12.0743 0x0d60 [ B9857625DF8B539ABCB90E15B5716568, 99393C74D6C5BB1D3B7399C628DEF47641563A3A1118988597091B0735805F06 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
16:23:13.0073 0x0d60 igfx - detected UnsignedFile.Multi.Generic ( 1 )
16:23:15.0482 0x0d60 Detect skipped due to KSN trusted
16:23:15.0484 0x0d60 igfx - ok
16:23:15.0492 0x0d60 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
16:23:15.0511 0x0d60 iirsp - ok
16:23:15.0539 0x0d60 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
16:23:15.0590 0x0d60 IKEEXT - ok
16:23:15.0708 0x0d60 [ 39246F2CFBF1D32C3A12E242661EC039, EADF06D9B142844C16C2B0E412D708DB02BA07E2CD96BBFB2F0984DD6BB63E28 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:23:15.0839 0x0d60 IntcAzAudAddService - ok
16:23:15.0854 0x0d60 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
16:23:15.0872 0x0d60 IntcDAud - detected UnsignedFile.Multi.Generic ( 1 )
16:23:18.0366 0x0d60 Detect skipped due to KSN trusted
16:23:18.0367 0x0d60 IntcDAud - ok
16:23:18.0371 0x0d60 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
16:23:18.0387 0x0d60 intelide - ok
16:23:18.0393 0x0d60 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:23:18.0413 0x0d60 intelppm - ok
16:23:18.0421 0x0d60 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:23:18.0470 0x0d60 IPBusEnum - ok
16:23:18.0477 0x0d60 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:23:18.0524 0x0d60 IpFilterDriver - ok
16:23:18.0545 0x0d60 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:23:18.0585 0x0d60 iphlpsvc - ok
16:23:18.0592 0x0d60 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:23:18.0614 0x0d60 IPMIDRV - ok
16:23:18.0621 0x0d60 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:23:18.0671 0x0d60 IPNAT - ok
16:23:18.0702 0x0d60 [ EE4C2A137C7088911A8919EFFC9812E7, B93DE083B872FAA44D37C1EBC5C7F408FC6105F4324240796BF4F42951868117 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:23:18.0748 0x0d60 iPod Service - ok
16:23:18.0754 0x0d60 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:23:18.0781 0x0d60 IRENUM - ok
16:23:18.0786 0x0d60 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:23:18.0798 0x0d60 isapnp - ok
16:23:18.0808 0x0d60 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:23:18.0827 0x0d60 iScsiPrt - ok
16:23:18.0832 0x0d60 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:23:18.0845 0x0d60 kbdclass - ok
16:23:18.0849 0x0d60 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:23:18.0864 0x0d60 kbdhid - ok
16:23:18.0868 0x0d60 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
16:23:18.0882 0x0d60 KeyIso - ok
16:23:18.0888 0x0d60 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:23:18.0902 0x0d60 KSecDD - ok
16:23:18.0909 0x0d60 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:23:18.0924 0x0d60 KSecPkg - ok
16:23:18.0928 0x0d60 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:23:18.0963 0x0d60 ksthunk - ok
16:23:18.0975 0x0d60 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
16:23:19.0033 0x0d60 KtmRm - ok
16:23:19.0045 0x0d60 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:23:19.0099 0x0d60 LanmanServer - ok
16:23:19.0107 0x0d60 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:23:19.0157 0x0d60 LanmanWorkstation - ok
16:23:19.0173 0x0d60 [ 1D5C6790425CB6DBB1B3C2722C34E199, D8BCC31A443B77711A7CA468E754A73137C1CC47D6F3DA5BEE3735B654327B0C ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
16:23:19.0201 0x0d60 LBTServ - ok
16:23:19.0210 0x0d60 [ 5EA1731968F2FD0E950DDCE6D36C5134, 16C47AA60CB62F206DBF3B4FAF99FCA667E7193178D1B7ECB162FA87C008BAA3 ] LEqdUsb C:\Windows\system32\DRIVERS\LEqdUsb.Sys
16:23:19.0227 0x0d60 LEqdUsb - ok
16:23:19.0232 0x0d60 [ 50AC0930F05DFB996F085B49E112E5C9, C5147E92656506981705AFCAA97B7BDAD0929FF39C1666E774BE1BD32FB08387 ] LHidEqd C:\Windows\system32\DRIVERS\LHidEqd.Sys
16:23:19.0246 0x0d60 LHidEqd - ok
16:23:19.0253 0x0d60 [ 96EB043E2843B5A87A486D0BC6921094, 0B339A18B2F536F12B2C1B4FEDEB3A815DC7F8E7B082144EE084B3E6ED067FBC ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
16:23:19.0270 0x0d60 LHidFilt - ok
16:23:19.0276 0x0d60 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:23:19.0323 0x0d60 lltdio - ok
16:23:19.0336 0x0d60 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:23:19.0394 0x0d60 lltdsvc - ok
16:23:19.0399 0x0d60 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:23:19.0446 0x0d60 lmhosts - ok
16:23:19.0452 0x0d60 [ A5C1DA229B3B660BBF3BDC30ADBFBB61, B657092424C6BF418A6FA56353370C195D9CA67999B355E8EDD6AFCFD9FEF8E5 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
16:23:19.0470 0x0d60 LMouFilt - ok
16:23:19.0479 0x0d60 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
16:23:19.0499 0x0d60 LSI_FC - ok
16:23:19.0507 0x0d60 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:23:19.0526 0x0d60 LSI_SAS - ok
16:23:19.0532 0x0d60 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
16:23:19.0549 0x0d60 LSI_SAS2 - ok
16:23:19.0556 0x0d60 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
16:23:19.0575 0x0d60 LSI_SCSI - ok
16:23:19.0582 0x0d60 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
16:23:19.0621 0x0d60 luafv - ok
16:23:19.0626 0x0d60 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:23:19.0644 0x0d60 Mcx2Svc - ok
16:23:19.0648 0x0d60 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
16:23:19.0661 0x0d60 megasas - ok
16:23:19.0670 0x0d60 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
16:23:19.0689 0x0d60 MegaSR - ok
16:23:19.0694 0x0d60 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
16:23:19.0708 0x0d60 MEIx64 - ok
16:23:19.0716 0x0d60 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
16:23:19.0729 0x0d60 Microsoft Office Groove Audit Service - ok
16:23:19.0734 0x0d60 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
16:23:19.0771 0x0d60 MMCSS - ok
16:23:19.0776 0x0d60 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
16:23:19.0812 0x0d60 Modem - ok
16:23:19.0817 0x0d60 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:23:19.0835 0x0d60 monitor - ok
16:23:19.0839 0x0d60 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:23:19.0852 0x0d60 mouclass - ok
16:23:19.0856 0x0d60 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:23:19.0872 0x0d60 mouhid - ok
16:23:19.0878 0x0d60 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:23:19.0892 0x0d60 mountmgr - ok
16:23:19.0898 0x0d60 [ A5F6ADC56FA516594E99C328A7E7FD54, 6FB011B00B8AB085F3083E967B89BBFCA1AC7677407E9E72AD582CCC8212D136 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:23:19.0913 0x0d60 MozillaMaintenance - ok
16:23:20.0035 0x0d60 [ 9FA705BE049065E8179925CFDDAE0B1C, C8105BC2AE757E92F8419149456C02718F247CD24DB2863B1B69AC2CA789910E ] mozybackup K:\Windows_SSD\MOZY\mozybackup.exe
16:23:20.0052 0x0d60 mozybackup - ok
16:23:20.0058 0x0d60 [ B45F76965CAD927C6AF44E991EC7047A, A4D29CF59A108907D67346AD21084D03273F7F2DCD37ABF556651B66260DDB84 ] mozyFilter C:\Windows\system32\DRIVERS\mozy.sys
16:23:20.0078 0x0d60 mozyFilter - ok
16:23:20.0087 0x0d60 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
16:23:20.0107 0x0d60 mpio - ok
16:23:20.0114 0x0d60 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:23:20.0161 0x0d60 mpsdrv - ok
16:23:20.0189 0x0d60 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:23:20.0264 0x0d60 MpsSvc - ok
16:23:20.0274 0x0d60 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:23:20.0297 0x0d60 MRxDAV - ok
16:23:20.0305 0x0d60 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:23:20.0329 0x0d60 mrxsmb - ok
16:23:20.0342 0x0d60 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:23:20.0370 0x0d60 mrxsmb10 - ok
16:23:20.0378 0x0d60 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:23:20.0400 0x0d60 mrxsmb20 - ok
16:23:20.0405 0x0d60 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
16:23:20.0421 0x0d60 msahci - ok
16:23:20.0429 0x0d60 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:23:20.0449 0x0d60 msdsm - ok
16:23:20.0457 0x0d60 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
16:23:20.0482 0x0d60 MSDTC - ok
16:23:20.0490 0x0d60 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:23:20.0538 0x0d60 Msfs - ok
16:23:20.0542 0x0d60 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:23:20.0588 0x0d60 mshidkmdf - ok
16:23:20.0593 0x0d60 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:23:20.0608 0x0d60 msisadrv - ok
16:23:20.0617 0x0d60 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:23:20.0669 0x0d60 MSiSCSI - ok
16:23:20.0673 0x0d60 msiserver - ok
16:23:20.0678 0x0d60 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:23:20.0723 0x0d60 MSKSSRV - ok
16:23:20.0728 0x0d60 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:23:20.0773 0x0d60 MSPCLOCK - ok
16:23:20.0777 0x0d60 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:23:20.0823 0x0d60 MSPQM - ok
16:23:20.0838 0x0d60 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:23:20.0865 0x0d60 MsRPC - ok
16:23:20.0872 0x0d60 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
16:23:20.0888 0x0d60 mssmbios - ok
16:23:20.0893 0x0d60 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:23:20.0938 0x0d60 MSTEE - ok
16:23:20.0943 0x0d60 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
16:23:20.0962 0x0d60 MTConfig - ok
16:23:20.0968 0x0d60 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
16:23:20.0984 0x0d60 Mup - ok
16:23:20.0999 0x0d60 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
16:23:21.0048 0x0d60 napagent - ok
16:23:21.0059 0x0d60 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:23:21.0088 0x0d60 NativeWifiP - ok
16:23:21.0093 0x0d60 [ DACA803A8D732FE5EEAA024EC342F81D, 2DDEA48CD417EDD657D487BADA7C31C05F35DA328AAC5AA63A99FDFD44F2BF02 ] NBVol C:\Windows\system32\DRIVERS\NBVol.sys
16:23:21.0108 0x0d60 NBVol - ok
16:23:21.0114 0x0d60 [ 6208F622E9E35860DFB0753DFF56F0C0, AF7730B4AB642E0E45C05AE1429C7B3D90B0889CF94B21AC7869790D4DB6FDBE ] NBVolUp C:\Windows\system32\DRIVERS\NBVolUp.sys
16:23:21.0126 0x0d60 NBVolUp - ok
16:23:21.0151 0x0d60 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
16:23:21.0188 0x0d60 NDIS - ok
16:23:21.0193 0x0d60 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:23:21.0229 0x0d60 NdisCap - ok
16:23:21.0233 0x0d60 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:23:21.0269 0x0d60 NdisTapi - ok
16:23:21.0273 0x0d60 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:23:21.0309 0x0d60 Ndisuio - ok
16:23:21.0316 0x0d60 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:23:21.0354 0x0d60 NdisWan - ok
16:23:21.0359 0x0d60 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:23:21.0398 0x0d60 NDProxy - ok
16:23:21.0404 0x0d60 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:23:21.0450 0x0d60 NetBIOS - ok
16:23:21.0462 0x0d60 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:23:21.0518 0x0d60 NetBT - ok
16:23:21.0523 0x0d60 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
16:23:21.0542 0x0d60 Netlogon - ok
16:23:21.0556 0x0d60 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
16:23:21.0616 0x0d60 Netman - ok
16:23:21.0624 0x0d60 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:23:21.0648 0x0d60 NetMsmqActivator - ok
16:23:21.0655 0x0d60 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:23:21.0676 0x0d60 NetPipeActivator - ok
16:23:21.0695 0x0d60 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
16:23:21.0760 0x0d60 netprofm - ok
16:23:21.0768 0x0d60 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:23:21.0789 0x0d60 NetTcpActivator - ok
16:23:21.0796 0x0d60 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:23:21.0817 0x0d60 NetTcpPortSharing - ok
16:23:21.0823 0x0d60 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:23:21.0840 0x0d60 nfrd960 - ok
16:23:21.0853 0x0d60 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:23:21.0883 0x0d60 NlaSvc - ok
16:23:21.0889 0x0d60 [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] NPF C:\Windows\system32\drivers\npf.sys
16:23:21.0907 0x0d60 NPF - ok
16:23:21.0913 0x0d60 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:23:21.0960 0x0d60 Npfs - ok
16:23:21.0985 0x0d60 [ 49697C2C761ACB5C0DE99CC8FE93E95B, 02EEA7FB21D28B235A05FE0A6061170F366470EF6E45C9B21D7C8C0E7C728FC5 ] NPF_devolo C:\Windows\sysWOW64\drivers\npf_devolo.sys
16:23:21.0999 0x0d60 NPF_devolo - ok
16:23:22.0004 0x0d60 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
16:23:22.0040 0x0d60 nsi - ok
16:23:22.0043 0x0d60 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:23:22.0079 0x0d60 nsiproxy - ok
16:23:22.0121 0x0d60 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:23:22.0177 0x0d60 Ntfs - ok
16:23:22.0182 0x0d60 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
16:23:22.0227 0x0d60 Null - ok
16:23:22.0236 0x0d60 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:23:22.0256 0x0d60 nvraid - ok
16:23:22.0265 0x0d60 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:23:22.0286 0x0d60 nvstor - ok
16:23:22.0294 0x0d60 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:23:22.0313 0x0d60 nv_agp - ok
16:23:22.0331 0x0d60 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:23:22.0360 0x0d60 odserv - ok
16:23:22.0368 0x0d60 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:23:22.0389 0x0d60 ohci1394 - ok
16:23:22.0397 0x0d60 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:23:22.0415 0x0d60 ose - ok
16:23:22.0432 0x0d60 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:23:22.0462 0x0d60 p2pimsvc - ok
16:23:22.0480 0x0d60 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
16:23:22.0517 0x0d60 p2psvc - ok
16:23:22.0524 0x0d60 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
16:23:22.0546 0x0d60 Parport - ok
16:23:22.0553 0x0d60 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:23:22.0570 0x0d60 partmgr - ok
16:23:22.0579 0x0d60 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
16:23:22.0611 0x0d60 PcaSvc - ok
16:23:22.0617 0x0d60 [ 81B5E63131090879AD6EF9F32109B88D, 581680BFE9B2BACBD5E55D807EFB17C69488AE3F5C61358B0955E1494FD3514E ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
16:23:22.0637 0x0d60 pccsmcfd - ok
16:23:22.0646 0x0d60 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
16:23:22.0667 0x0d60 pci - ok
16:23:22.0671 0x0d60 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
16:23:22.0687 0x0d60 pciide - ok
16:23:22.0697 0x0d60 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:23:22.0720 0x0d60 pcmcia - ok
16:23:22.0726 0x0d60 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
16:23:22.0742 0x0d60 pcw - ok
16:23:22.0784 0x0d60 [ A1688A4FB2EC49D040C027EF6DC7A87B, E5F5768D189B590F4D8D20C13FC0F7FF5AC7C4729848F38A93D653AB0B740696 ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe
16:23:22.0887 0x0d60 PDF Architect Helper Service - ok
16:23:22.0915 0x0d60 [ E23FF9B2F8EEAB2BDDA681C21C48E843, 2D0072C2EFFD5278D0211438FA9A29CF394F01857273A53B09A629977C024B30 ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe
16:23:22.0986 0x0d60 PDF Architect Service - ok
16:23:22.0994 0x0d60 [ 2CB452340166478BD3A9E1B990A8E32C, 12B41308C82CA2644D1504DB965EECB91DFE0C00251565C29079C5F703070B73 ] PdiService C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
16:23:23.0020 0x0d60 PdiService - ok
16:23:23.0038 0x0d60 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:23:23.0092 0x0d60 PEAUTH - ok
16:23:23.0127 0x0d60 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
16:23:23.0182 0x0d60 PeerDistSvc - ok
16:23:23.0191 0x0d60 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:23:23.0212 0x0d60 PerfHost - ok
16:23:23.0261 0x0d60 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
16:23:23.0361 0x0d60 pla - ok
16:23:23.0379 0x0d60 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:23:23.0414 0x0d60 PlugPlay - ok
16:23:23.0419 0x0d60 PnkBstrA - ok
16:23:23.0425 0x0d60 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:23:23.0444 0x0d60 PNRPAutoReg - ok
16:23:23.0457 0x0d60 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:23:23.0486 0x0d60 PNRPsvc - ok
16:23:23.0508 0x0d60 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:23:23.0571 0x0d60 PolicyAgent - ok
16:23:23.0582 0x0d60 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
16:23:23.0635 0x0d60 Power - ok
16:23:23.0643 0x0d60 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:23:23.0692 0x0d60 PptpMiniport - ok
16:23:23.0698 0x0d60 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
16:23:23.0719 0x0d60 Processor - ok
16:23:23.0729 0x0d60 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
16:23:23.0756 0x0d60 ProfSvc - ok
16:23:23.0761 0x0d60 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:23:23.0779 0x0d60 ProtectedStorage - ok
16:23:23.0786 0x0d60 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:23:23.0823 0x0d60 Psched - ok
16:23:23.0861 0x0d60 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:23:23.0912 0x0d60 ql2300 - ok
16:23:23.0919 0x0d60 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:23:23.0934 0x0d60 ql40xx - ok
16:23:23.0943 0x0d60 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
16:23:23.0970 0x0d60 QWAVE - ok
16:23:23.0974 0x0d60 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:23:23.0997 0x0d60 QWAVEdrv - ok
16:23:24.0002 0x0d60 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:23:24.0048 0x0d60 RasAcd - ok
16:23:24.0054 0x0d60 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:23:24.0101 0x0d60 RasAgileVpn - ok
16:23:24.0108 0x0d60 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
16:23:24.0159 0x0d60 RasAuto - ok
16:23:24.0167 0x0d60 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:23:24.0215 0x0d60 Rasl2tp - ok
16:23:24.0230 0x0d60 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
16:23:24.0288 0x0d60 RasMan - ok
16:23:24.0295 0x0d60 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:23:24.0345 0x0d60 RasPppoe - ok
16:23:24.0352 0x0d60 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:23:24.0401 0x0d60 RasSstp - ok
16:23:24.0414 0x0d60 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:23:24.0470 0x0d60 rdbss - ok
16:23:24.0476 0x0d60 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:23:24.0498 0x0d60 rdpbus - ok
16:23:24.0503 0x0d60 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:23:24.0548 0x0d60 RDPCDD - ok
16:23:24.0559 0x0d60 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
16:23:24.0584 0x0d60 RDPDR - ok
16:23:24.0588 0x0d60 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:23:24.0634 0x0d60 RDPENCDD - ok
16:23:24.0641 0x0d60 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:23:24.0688 0x0d60 RDPREFMP - ok
16:23:24.0695 0x0d60 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:23:24.0716 0x0d60 RdpVideoMiniport - ok
16:23:24.0726 0x0d60 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:23:24.0752 0x0d60 RDPWD - ok
16:23:24.0762 0x0d60 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:23:24.0785 0x0d60 rdyboost - ok
16:23:24.0792 0x0d60 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:23:24.0842 0x0d60 RemoteAccess - ok
16:23:24.0851 0x0d60 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:23:24.0904 0x0d60 RemoteRegistry - ok
16:23:24.0912 0x0d60 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
16:23:24.0940 0x0d60 RFCOMM - ok
16:23:24.0948 0x0d60 [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe
16:23:24.0994 0x0d60 rpcapd - ok
16:23:25.0000 0x0d60 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:23:25.0037 0x0d60 RpcEptMapper - ok
16:23:25.0041 0x0d60 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
16:23:25.0056 0x0d60 RpcLocator - ok
16:23:25.0071 0x0d60 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
16:23:25.0119 0x0d60 RpcSs - ok
16:23:25.0125 0x0d60 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:23:25.0162 0x0d60 rspndr - ok
16:23:25.0171 0x0d60 [ C20F64FCD5E2B40310A1774495877ACD, 459E337266EE510E67C5065D2CFDA6804BA5BAF82A4B6E43E80238C86269770D ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
16:23:25.0191 0x0d60 RTHDMIAzAudService - ok
16:23:25.0212 0x0d60 [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
16:23:25.0246 0x0d60 RTL8167 - ok
16:23:25.0278 0x0d60 [ 7461D3DA1AABB5F703504E958455A900, B77D36E095A476A8191C1771539F20529F82CACF3C945BF55D64C39EEF09D0EA ] RTL8192cu C:\Windows\system32\DRIVERS\RTL8192cu.sys
16:23:25.0324 0x0d60 RTL8192cu - ok
16:23:25.0342 0x0d60 [ 45F606823EAA469582318C722C76A29D, 1016FBE111638AE369F7C5FF6CA33178FD6CB06D361F3B488DE6C4D85A22253A ] RUBotSrv C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe
16:23:25.0387 0x0d60 RUBotSrv - ok
16:23:25.0392 0x0d60 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
16:23:25.0410 0x0d60 s3cap - ok
16:23:25.0416 0x0d60 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
16:23:25.0435 0x0d60 SamSs - ok
16:23:25.0447 0x0d60 [ E20128053F3F4641A2627ECFA7149ECA, CE5620BC170E76E53FEDCCEE12BBFBEE7C67B96E53E5D9C63FA7773C36699DC6 ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys
16:23:25.0472 0x0d60 SbieDrv - ok
16:23:25.0483 0x0d60 [ 0FA1025D7AC725EEA5EA3076965EEA6B, 80AFCFD77BCE07F34C1276F5F416A156ABB9FEDC2AAF7AE68CEA500A4468D125 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe
16:23:25.0507 0x0d60 SbieSvc - ok
16:23:25.0515 0x0d60 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:23:25.0533 0x0d60 sbp2port - ok
16:23:25.0543 0x0d60 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:23:25.0597 0x0d60 SCardSvr - ok
16:23:25.0602 0x0d60 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:23:25.0648 0x0d60 scfilter - ok
16:23:25.0684 0x0d60 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
16:23:25.0773 0x0d60 Schedule - ok
16:23:25.0781 0x0d60 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
16:23:25.0816 0x0d60 SCPolicySvc - ok
16:23:25.0824 0x0d60 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:23:25.0844 0x0d60 SDRSVC - ok
16:23:25.0938 0x0d60 [ 98EF79CC2B07398AC525F9EA1AE0366F, D0D5D69696ED339F363024AF3271867F4C55572C67FD0F2AA27D24B37982E39A ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
16:23:26.0087 0x0d60 SDScannerService - ok
16:23:26.0117 0x0d60 [ 14BF6B3AB327D519ED007CDDC56F6900, 4E5DC4AF45347C885E0E87F205EE1F95BB4713A0B581CD7317FBEEE2A9628982 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
16:23:26.0168 0x0d60 SDUpdateService - ok
16:23:26.0176 0x0d60 [ 820EBE67AB99F033FDE25B2692157991, A9E86FE6EFD3CFD4EA1A26121C706335A6791CC6F81EE98AE2BE7EA566ECFEBB ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
16:23:26.0209 0x0d60 SDWSCService - ok
16:23:26.0214 0x0d60 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:23:26.0260 0x0d60 secdrv - ok
16:23:26.0266 0x0d60 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
16:23:26.0311 0x0d60 seclogon - ok
16:23:26.0317 0x0d60 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
16:23:26.0366 0x0d60 SENS - ok
16:23:26.0371 0x0d60 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:23:26.0391 0x0d60 SensrSvc - ok
16:23:26.0398 0x0d60 [ 9F6490423AC3271E84A90A0DD9D30A3B, 7F8559B06A2E8FC35F71A099F320A87BB90FC9783133C19F49046F06ECBC9605 ] Ser2pl C:\Windows\system32\DRIVERS\ser2pl64.sys
16:23:26.0422 0x0d60 Ser2pl - ok
16:23:26.0427 0x0d60 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:23:26.0446 0x0d60 Serenum - ok
16:23:26.0452 0x0d60 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:23:26.0474 0x0d60 Serial - ok
16:23:26.0479 0x0d60 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:23:26.0498 0x0d60 sermouse - ok
16:23:26.0515 0x0d60 [ 9D38320BB32230349379DF5DDBBF7FCE, 8AAA8B0B60E65F596C3276DCCD0D8146B40172B6D509B597EDFDA46AC8A72A4C ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
16:23:26.0558 0x0d60 ServiceLayer - detected UnsignedFile.Multi.Generic ( 1 )
16:23:36.0727 0x0d60 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
16:23:41.0086 0x0d60 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
16:23:41.0139 0x0d60 SessionEnv - ok
16:23:41.0144 0x0d60 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:23:41.0166 0x0d60 sffdisk - ok
16:23:41.0170 0x0d60 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:23:41.0192 0x0d60 sffp_mmc - ok
16:23:41.0197 0x0d60 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:23:41.0218 0x0d60 sffp_sd - ok
16:23:41.0223 0x0d60 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:23:41.0241 0x0d60 sfloppy - ok
16:23:41.0256 0x0d60 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:23:41.0317 0x0d60 SharedAccess - ok
16:23:41.0333 0x0d60 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:23:41.0392 0x0d60 ShellHWDetection - ok
16:23:41.0398 0x0d60 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:23:41.0415 0x0d60 SiSRaid2 - ok
16:23:41.0421 0x0d60 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:23:41.0439 0x0d60 SiSRaid4 - ok
16:23:41.0446 0x0d60 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:23:41.0495 0x0d60 Smb - ok
16:23:41.0508 0x0d60 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:23:41.0528 0x0d60 SNMPTRAP - ok
16:23:41.0534 0x0d60 [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan C:\Windows\syswow64\speedfan.sys
16:23:41.0555 0x0d60 speedfan - ok
16:23:41.0560 0x0d60 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
16:23:41.0575 0x0d60 spldr - ok
16:23:41.0592 0x0d60 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
16:23:41.0623 0x0d60 Spooler - ok
16:23:41.0704 0x0d60 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
16:23:41.0843 0x0d60 sppsvc - ok
16:23:41.0851 0x0d60 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:23:41.0889 0x0d60 sppuinotify - ok
16:23:41.0899 0x0d60 [ 7D67C07C63796775CC5492BCFEAFF125, BAEFF806F656FA252D1DBC1E21603CF5F7D54C5AFB3FC91F2723729A7740DF8A ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
16:23:41.0924 0x0d60 SQLBrowser - ok
16:23:41.0931 0x0d60 [ F98DDFBFE0EE66D4C4B00693512B9527, 322FF75D1CA460368FD72ADCD93273F1D5AA5CF2C4DF65A94BF9ABAA2E695150 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
16:23:41.0947 0x0d60 SQLWriter - ok
16:23:41.0962 0x0d60 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
16:23:41.0990 0x0d60 srv - ok
16:23:42.0003 0x0d60 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:23:42.0028 0x0d60 srv2 - ok
16:23:42.0036 0x0d60 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:23:42.0054 0x0d60 srvnet - ok
16:23:42.0062 0x0d60 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:23:42.0104 0x0d60 SSDPSRV - ok
16:23:42.0109 0x0d60 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:23:42.0147 0x0d60 SstpSvc - ok
16:23:42.0163 0x0d60 [ 54BF0E8619D58271851670649764AA92, A5BFBEE4CF37C43755B7727616FD2E2FEEF8F2DF59D80A5C2B15745B0B92A652 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
16:23:42.0200 0x0d60 Steam Client Service - ok
16:23:42.0206 0x0d60 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:23:42.0222 0x0d60 stexstor - ok
16:23:42.0245 0x0d60 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
16:23:42.0292 0x0d60 stisvc - ok
16:23:42.0298 0x0d60 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
16:23:42.0314 0x0d60 storflt - ok
16:23:42.0319 0x0d60 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
16:23:42.0339 0x0d60 StorSvc - ok
16:23:42.0344 0x0d60 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
16:23:42.0360 0x0d60 storvsc - ok
16:23:42.0365 0x0d60 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
16:23:42.0380 0x0d60 swenum - ok
16:23:42.0399 0x0d60 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
16:23:42.0466 0x0d60 swprv - ok
16:23:42.0521 0x0d60 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
16:23:42.0613 0x0d60 SysMain - ok
16:23:42.0622 0x0d60 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:23:42.0651 0x0d60 TabletInputService - ok
16:23:42.0656 0x0d60 [ D0B07EED9DDEC5C69521C689B7BF455F, A9F1C76FBF833E25A8470116A9BB7F7121A86138B31B54C098F1E22C11109044 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
16:23:42.0675 0x0d60 tap0901 - detected UnsignedFile.Multi.Generic ( 1 )
16:23:45.0086 0x0d60 Detect skipped due to KSN trusted
16:23:45.0086 0x0d60 tap0901 - ok
16:23:45.0100 0x0d60 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
16:23:45.0158 0x0d60 TapiSrv - ok
16:23:45.0164 0x0d60 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
16:23:45.0214 0x0d60 TBS - ok
16:23:45.0271 0x0d60 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:23:45.0350 0x0d60 Tcpip - ok
16:23:45.0410 0x0d60 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:23:45.0484 0x0d60 TCPIP6 - ok
16:23:45.0495 0x0d60 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:23:45.0518 0x0d60 tcpipreg - ok
16:23:45.0525 0x0d60 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:23:45.0543 0x0d60 TDPIPE - ok
16:23:45.0548 0x0d60 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:23:45.0567 0x0d60 TDTCP - ok
16:23:45.0574 0x0d60 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:23:45.0613 0x0d60 tdx - ok
16:23:45.0617 0x0d60 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:23:45.0630 0x0d60 TermDD - ok
16:23:45.0649 0x0d60 [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService C:\Windows\System32\termsrv.dll
16:23:45.0685 0x0d60 TermService - ok
16:23:45.0690 0x0d60 [ 48D9D00C2E0E72C3D4F52772C80355F6, 86F281C7F5FA2FCF1A36C69DD6561531E48483CACB8A873B955F7E93D9A1D259 ] TFsExDisk C:\Windows\System32\Drivers\TFsExDisk.sys
16:23:45.0703 0x0d60 TFsExDisk - ok
16:23:45.0708 0x0d60 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
16:23:45.0728 0x0d60 Themes - ok
16:23:45.0733 0x0d60 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
16:23:45.0769 0x0d60 THREADORDER - ok
16:23:45.0775 0x0d60 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
16:23:45.0825 0x0d60 TrkWks - ok
16:23:45.0842 0x0d60 [ 325A512F98BEB97B1FFBE88927B8090D, 2A0C10516E3506D63290345DFAC98D5A623584767E034EBF652B9DBE6CF70547 ] trufos C:\Windows\system32\DRIVERS\trufos.sys
16:23:45.0871 0x0d60 trufos - ok
16:23:45.0881 0x0d60 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:23:45.0932 0x0d60 TrustedInstaller - ok
16:23:45.0939 0x0d60 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:23:45.0958 0x0d60 tssecsrv - ok
16:23:45.0965 0x0d60 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:23:45.0985 0x0d60 TsUsbFlt - ok
16:23:45.0990 0x0d60 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
16:23:46.0008 0x0d60 TsUsbGD - ok
16:23:46.0016 0x0d60 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:23:46.0065 0x0d60 tunnel - ok
16:23:46.0071 0x0d60 [ 42350E49DA754D2D77362FDAE3491651, F29E8BA444ECB0484066B02C0A3DCE09B8417159EE37D7A2E05D4C06A98449C4 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
16:23:46.0089 0x0d60 TurboB - ok
16:23:46.0097 0x0d60 [ 4F4B0AB2FB69C414CCBCEF7CF2E1C8D8, E1F197554369C97DBF61389346B4CB0233F40AAA2575F5D2FEC809AC9123FC69 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
16:23:46.0119 0x0d60 TurboBoost - ok
16:23:46.0125 0x0d60 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:23:46.0142 0x0d60 uagp35 - ok
16:23:46.0156 0x0d60 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:23:46.0213 0x0d60 udfs - ok
16:23:46.0222 0x0d60 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:23:46.0244 0x0d60 UI0Detect - ok
16:23:46.0250 0x0d60 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:23:46.0267 0x0d60 uliagpkx - ok
16:23:46.0272 0x0d60 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:23:46.0292 0x0d60 umbus - ok
16:23:46.0297 0x0d60 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
16:23:46.0315 0x0d60 UmPass - ok
16:23:46.0325 0x0d60 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
16:23:46.0352 0x0d60 UmRdpService - ok
16:23:46.0366 0x0d60 [ 745B247DFB4C2466B382AE4B2062EB02, A391BFC9A2AD02D2A23112F16FF3CE8E291CAAA93F7C91FB2B2C1A8E1853DA5F ] UPDATESRV C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
16:23:46.0387 0x0d60 UPDATESRV - ok
16:23:46.0402 0x0d60 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
16:23:46.0463 0x0d60 upnphost - ok
16:23:46.0471 0x0d60 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
16:23:46.0493 0x0d60 usbaudio - ok
16:23:46.0502 0x0d60 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:23:46.0525 0x0d60 usbccgp - ok
16:23:46.0532 0x0d60 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:23:46.0554 0x0d60 usbcir - ok
16:23:46.0560 0x0d60 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
16:23:46.0580 0x0d60 usbehci - ok
16:23:46.0592 0x0d60 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:23:46.0616 0x0d60 usbhub - ok
16:23:46.0621 0x0d60 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:23:46.0635 0x0d60 usbohci - ok
16:23:46.0639 0x0d60 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:23:46.0656 0x0d60 usbprint - ok
16:23:46.0661 0x0d60 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\drivers\usbscan.sys
16:23:46.0677 0x0d60 usbscan - ok
16:23:46.0684 0x0d60 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:23:46.0702 0x0d60 USBSTOR - ok
16:23:46.0706 0x0d60 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:23:46.0721 0x0d60 usbuhci - ok
16:23:46.0725 0x0d60 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
16:23:46.0762 0x0d60 UxSms - ok
16:23:46.0767 0x0d60 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
16:23:46.0782 0x0d60 VaultSvc - ok
16:23:46.0787 0x0d60 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:23:46.0800 0x0d60 vdrvroot - ok
16:23:46.0816 0x0d60 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
16:23:46.0867 0x0d60 vds - ok
16:23:46.0872 0x0d60 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:23:46.0888 0x0d60 vga - ok
16:23:46.0893 0x0d60 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
16:23:46.0928 0x0d60 VgaSave - ok
16:23:46.0937 0x0d60 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:23:46.0954 0x0d60 vhdmp - ok
16:23:46.0958 0x0d60 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
16:23:46.0970 0x0d60 viaide - ok
16:23:46.0978 0x0d60 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
16:23:46.0995 0x0d60 vmbus - ok
16:23:46.0999 0x0d60 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
16:23:47.0014 0x0d60 VMBusHID - ok
16:23:47.0019 0x0d60 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:23:47.0032 0x0d60 volmgr - ok
16:23:47.0043 0x0d60 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:23:47.0064 0x0d60 volmgrx - ok
16:23:47.0075 0x0d60 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:23:47.0095 0x0d60 volsnap - ok
16:23:47.0103 0x0d60 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:23:47.0119 0x0d60 vsmraid - ok
16:23:47.0159 0x0d60 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
16:23:47.0233 0x0d60 VSS - ok
16:23:47.0274 0x0d60 [ 53A2A86E95BEF00587A8A1DEA201FF69, 57118954C1D2FB6993BF2947A807ECA5B5C98FD92C3B73D4107D8445A1115ED2 ] VSSERV C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
16:23:47.0323 0x0d60 VSSERV - ok
16:23:47.0328 0x0d60 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:23:47.0343 0x0d60 vwifibus - ok
16:23:47.0348 0x0d60 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:23:47.0365 0x0d60 vwififlt - ok
16:23:47.0375 0x0d60 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
16:23:47.0416 0x0d60 W32Time - ok
16:23:47.0421 0x0d60 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:23:47.0435 0x0d60 WacomPen - ok
16:23:47.0440 0x0d60 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:23:47.0473 0x0d60 WANARP - ok
16:23:47.0477 0x0d60 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:23:47.0507 0x0d60 Wanarpv6 - ok
16:23:47.0540 0x0d60 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
16:23:47.0591 0x0d60 wbengine - ok
16:23:47.0599 0x0d60 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:23:47.0622 0x0d60 WbioSrvc - ok
16:23:47.0632 0x0d60 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:23:47.0658 0x0d60 wcncsvc - ok
16:23:47.0662 0x0d60 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:23:47.0675 0x0d60 WcsPlugInService - ok
16:23:47.0679 0x0d60 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
16:23:47.0689 0x0d60 Wd - ok
16:23:47.0692 0x0d60 [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
16:23:47.0705 0x0d60 WDC_SAM - ok
16:23:47.0724 0x0d60 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:23:47.0753 0x0d60 Wdf01000 - ok
16:23:47.0759 0x0d60 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:23:47.0786 0x0d60 WdiServiceHost - ok
16:23:47.0789 0x0d60 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:23:47.0805 0x0d60 WdiSystemHost - ok
16:23:47.0812 0x0d60 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
16:23:47.0829 0x0d60 WebClient - ok
16:23:47.0836 0x0d60 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:23:47.0867 0x0d60 Wecsvc - ok
16:23:47.0871 0x0d60 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:23:47.0899 0x0d60 wercplsupport - ok
16:23:47.0904 0x0d60 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
16:23:47.0931 0x0d60 WerSvc - ok
16:23:47.0934 0x0d60 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:23:47.0960 0x0d60 WfpLwf - ok
16:23:47.0963 0x0d60 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:23:47.0972 0x0d60 WIMMount - ok
16:23:47.0974 0x0d60 WinDefend - ok
16:23:47.0978 0x0d60 WinHttpAutoProxySvc - ok
16:23:47.0993 0x0d60 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:23:48.0048 0x0d60 Winmgmt - ok
16:23:48.0110 0x0d60 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
16:23:48.0236 0x0d60 WinRM - ok
16:23:48.0248 0x0d60 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
16:23:48.0271 0x0d60 WinUsb - ok
16:23:48.0301 0x0d60 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
16:23:48.0361 0x0d60 Wlansvc - ok
16:23:48.0432 0x0d60 [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:23:48.0524 0x0d60 wlidsvc - ok
16:23:48.0532 0x0d60 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
16:23:48.0551 0x0d60 WmiAcpi - ok
16:23:48.0564 0x0d60 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:23:48.0590 0x0d60 wmiApSrv - ok
16:23:48.0594 0x0d60 WMPNetworkSvc - ok
16:23:48.0601 0x0d60 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:23:48.0620 0x0d60 WPCSvc - ok
16:23:48.0628 0x0d60 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:23:48.0654 0x0d60 WPDBusEnum - ok
16:23:48.0659 0x0d60 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:23:48.0705 0x0d60 ws2ifsl - ok
16:23:48.0713 0x0d60 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
16:23:48.0742 0x0d60 wscsvc - ok
16:23:48.0747 0x0d60 WSearch - ok
16:23:48.0815 0x0d60 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
16:23:48.0887 0x0d60 wuauserv - ok
16:23:48.0895 0x0d60 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:23:48.0912 0x0d60 WudfPf - ok
16:23:48.0921 0x0d60 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:23:48.0940 0x0d60 WUDFRd - ok
16:23:48.0946 0x0d60 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:23:48.0963 0x0d60 wudfsvc - ok
16:23:48.0972 0x0d60 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
16:23:48.0994 0x0d60 WwanSvc - ok
16:23:49.0014 0x0d60 ================ Scan global ===============================
16:23:49.0018 0x0d60 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:23:49.0027 0x0d60 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:23:49.0040 0x0d60 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:23:49.0049 0x0d60 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:23:49.0060 0x0d60 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:23:49.0069 0x0d60 [ Global ] - ok
16:23:49.0069 0x0d60 ================ Scan MBR ==================================
16:23:49.0080 0x0d60 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:23:49.0346 0x0d60 \Device\Harddisk0\DR0 - ok
16:23:49.0349 0x0d60 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
16:23:49.0506 0x0d60 \Device\Harddisk1\DR1 - ok
16:23:49.0509 0x0d60 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
16:23:49.0561 0x0d60 \Device\Harddisk2\DR2 - ok
16:23:49.0565 0x0d60 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3
16:23:49.0634 0x0d60 \Device\Harddisk3\DR3 - ok
16:23:49.0635 0x0d60 ================ Scan VBR ==================================
16:23:49.0637 0x0d60 [ D3CF3A81B377E81931682D9E9583082F ] \Device\Harddisk0\DR0\Partition1
16:23:49.0685 0x0d60 \Device\Harddisk0\DR0\Partition1 - ok
16:23:49.0689 0x0d60 [ C07EA9668676E1F1B2EA478B370ADF61 ] \Device\Harddisk0\DR0\Partition2
16:23:49.0765 0x0d60 \Device\Harddisk0\DR0\Partition2 - ok
16:23:49.0768 0x0d60 [ 3CAF7F5BF6C36FDF74ADB00C8C45B806 ] \Device\Harddisk0\DR0\Partition3
16:23:49.0837 0x0d60 \Device\Harddisk0\DR0\Partition3 - ok
16:23:49.0841 0x0d60 [ B3487FAA88D9E349ABF8E0BFE1986EC7 ] \Device\Harddisk1\DR1\Partition1
16:23:49.0842 0x0d60 \Device\Harddisk1\DR1\Partition1 - ok
16:23:49.0845 0x0d60 [ 0BDB8166EB19F40BCB7BCC26E29D4499 ] \Device\Harddisk1\DR1\Partition2
16:23:49.0847 0x0d60 \Device\Harddisk1\DR1\Partition2 - ok
16:23:49.0850 0x0d60 [ BF0270876A60E489A549E9BFFCDBF9B7 ] \Device\Harddisk2\DR2\Partition1
16:23:49.0922 0x0d60 \Device\Harddisk2\DR2\Partition1 - ok
16:23:49.0925 0x0d60 [ 9743027B178CAD77082322EE0770FE65 ] \Device\Harddisk2\DR2\Partition2
16:23:49.0977 0x0d60 \Device\Harddisk2\DR2\Partition2 - ok
16:23:49.0980 0x0d60 [ 09CF54C5E5DE6986D6FF36AAEDA44317 ] \Device\Harddisk2\DR2\Partition3
16:23:50.0037 0x0d60 \Device\Harddisk2\DR2\Partition3 - ok
16:23:50.0041 0x0d60 [ B4D1532C242756B1412071141FA437FE ] \Device\Harddisk3\DR3\Partition1
16:23:50.0043 0x0d60 \Device\Harddisk3\DR3\Partition1 - ok
16:23:50.0044 0x0d60 ================ Scan generic autorun ======================
16:23:50.0096 0x0d60 [ 11D13705AEA930EFFFD56D63F1675D63, D2699B5180CC3C0365924F794FEE6997ED9441FBC677270E89CD392A2CAB872D ] C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
16:23:50.0166 0x0d60 Bdagent - ok
16:23:50.0556 0x0d60 [ 47D99FEC44A9E082B2D761AB5A938CA8, FF8CAD5CD331A7DAFAA616C530F500E74663EC86BB832032D2EFD3F77EBF75FF ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
16:23:50.0935 0x0d60 RtHDVCpl - ok
16:23:50.0978 0x0d60 [ 01F0FC06366F80BF8964708042E0D9F5, 7DEA61576AC17C902B6041EE168BEF2AF2A43401829D2FF7E19747ED8D43B16D ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
16:23:51.0022 0x0d60 RtHDVBg_Dolby - ok
16:23:51.0069 0x0d60 [ DF72D700CC33611206675B8A2FD4D4F9, AB3AF6FD92140A1432FEAFFF2015CFAD5E9362F0018EA1D859A2DA349E95847D ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
16:23:51.0127 0x0d60 EvtMgr6 - ok
16:23:51.0137 0x0d60 [ DC73E11DC27E7D9AEF884EBE816C4240, 638485C85F7183E2B3060B8FD3189EA47F873B84EE34CAB99526A3A1CC3EE62B ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
16:23:51.0163 0x0d60 IAStorIcon - ok
16:23:51.0169 0x0d60 [ 77B958528D6C56CEDC88B29EDB66CFAE, CD2B9378D26A1A6F39A8475C9160C3D64A8B4C4DDF8F07B551AA375B3861E333 ] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe
16:23:51.0203 0x0d60 DT FUS - ok
16:23:51.0232 0x0d60 [ 7E88404F838D7E99727C2741D3990A46, B87B34C835C0CFF92EB352C9895E45D66C21E80E53E7C2E614C5012DB5C86A21 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
16:23:51.0287 0x0d60 StartCCC - ok
16:23:51.0350 0x0d60 [ 68B741770130B3621CAC647C06A6606E, 4D7A4DAC7C8638E10EF93563E526DE6023B092B8882FEBD6FE254711570D257C ] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
16:23:51.0449 0x0d60 KeePass 2 PreLoad - detected UnsignedFile.Multi.Generic ( 1 )
16:23:53.0866 0x0d60 Detect skipped due to KSN trusted
16:23:53.0866 0x0d60 KeePass 2 PreLoad - ok
16:23:53.0874 0x0d60 [ E350385CF8113BE4A1D5ABEFC2B0F04C, CCE22F609274A1782F9EA563E5841786AAD142C246698648A8710C113073BFC1 ] C:\Program Files (x86)\EMET 4.1\EMET_agent.exe
16:23:53.0898 0x0d60 EMET 4.1 Agent - ok
16:23:53.0927 0x0d60 [ CB454FBAB5376D13813C9235E87F1EAD, AFF6F58EDC228F4217A528D951FA5DA317A00D44D1B57841E855D728725F2852 ] C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
16:23:53.0995 0x0d60 AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 )
16:23:56.0401 0x0d60 Detect skipped due to KSN trusted
16:23:56.0401 0x0d60 AVMWlanClient - ok
16:23:56.0438 0x0d60 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:23:56.0504 0x0d60 Sidebar - ok
16:23:56.0511 0x0d60 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:23:56.0539 0x0d60 mctadmin - ok
16:23:56.0576 0x0d60 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:23:56.0635 0x0d60 Sidebar - ok
16:23:56.0642 0x0d60 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:23:56.0669 0x0d60 mctadmin - ok
16:23:56.0675 0x0d60 [ 886EF31AC237C82EF755C75C306A7C27, 165C39C1430501DCA5B98AF5B863B968B06645A1DD15CA04780E3EBDF1E85926 ] C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
16:23:56.0707 0x0d60 Allway Sync - ok
16:23:56.0715 0x0d60 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] C:\Users\Moonchild\AppData\Local\Google\Update\GoogleUpdate.exe
16:23:56.0746 0x0d60 Google Update - ok
16:23:56.0749 0x0d60 HotAlarmClock - ok
16:23:56.0797 0x0d60 [ 7A60DCF0B0F2521A7F505F8A56E5AB68, 7F23D55D4BC55ACACA9E4F94DA2439539FD2AA96D1DCA6FF58C8469F7F9C622F ] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
16:23:56.0898 0x0d60 FreeAC - ok
16:23:56.0906 0x0d60 [ 886EF31AC237C82EF755C75C306A7C27, 165C39C1430501DCA5B98AF5B863B968B06645A1DD15CA04780E3EBDF1E85926 ] C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
16:23:56.0936 0x0d60 Allway Sync - ok
16:23:57.0063 0x0d60 [ 35CCA77EC41E19466AAAD94DD2559578, ED5871CF78152522F5E262CE7869136ACEDD62FD2EE3DEBBF0C0AA7A3F051E94 ] C:\Program Files (x86)\Klebezettel NG\klebez.exe
16:23:57.0429 0x0d60 Klebezettel NG - detected UnsignedFile.Multi.Generic ( 1 )
16:23:59.0858 0x0d60 Detect skipped due to KSN trusted
16:23:59.0858 0x0d60 Klebezettel NG - ok
16:23:59.0884 0x0d60 [ 27D60574D2277B771930F871C83F4BEA, 90306556A2ABE5760D69F4B55C9A7423CABB5721A2CB7F624D461C0033DAB67F ] C:\Program Files\Sandboxie\SbieCtrl.exe
16:23:59.0922 0x0d60 SandboxieControl - ok
16:23:59.0924 0x0d60 Waiting for KSN requests completion. In queue: 9
16:24:00.0924 0x0d60 Waiting for KSN requests completion. In queue: 9
16:24:01.0924 0x0d60 Waiting for KSN requests completion. In queue: 9
16:24:02.0948 0x0d60 AV detected via SS2: Bitdefender Virenschutz, C:\Program Files\Bitdefender\Bitdefender 2013\wscfix.exe ( 16.34.0.1909 ), 0x41000 ( enabled : updated )
16:24:02.0950 0x0d60 FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender 2013\wscfix.exe ( 16.34.0.1909 ), 0x40010 ( disabled )
16:24:02.0958 0x0d60 Win FW state via NFP2: disabled
16:24:05.0333 0x0d60 ============================================================
16:24:05.0333 0x0d60 Scan finished
16:24:05.0333 0x0d60 ============================================================
16:24:05.0345 0x1ebc Detected object count: 1
16:24:05.0345 0x1ebc Actual detected object count: 1
16:24:33.0434 0x1ebc ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:33.0434 0x1ebc ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
Geändert von nickcave (01.11.2014 um 16:39 Uhr) |
|
02.11.2014, 08:05
| #4 |
| /// the machine /// TB-Ausbilder | HitmanPro Alert gibt Warnung aus - Browser kompromittiert? Sieht soweit gut aus. Mach mal nen Vollscan mit Hitman.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
02.11.2014, 09:45
| #5 |
| | HitmanPro Alert gibt Warnung aus - Browser kompromittiert? Morgen, ich habe gestern vor Deiner Antwort noch einmal Bitdefender einen Systemscan machen lassen und diesmal hat das Program etwas gefunden: 1. Gen:Variant.Application.Bundler.Amonetize.14; 1x bei einem Programm namens MDB Repair, einer Freeware, die zum Reparieren von Access Datenbanken genutzt werden kann, 5x werden Dateien in $Recycle.bin angezeigt (=wohl Papierkorb, sofern ich nicht fehl gehe) 2. W97M.Herashel.E, alle Dateien (6x) in Recycle.bin Ich habe Bitdefender jetzt noch keine Anweisungen gegeben, also noch keinen Löschauftrag. Soll ich das machen? Wenn ja, soll ich dann eine Log-Datei posten (wo finde ich die?). Ich warte hier erst einmal auf Anweisungen von Dir, bevor ich ggf. den Hitman-Scan "hinterherwerfe"... P.S. Beide Funde befinden sich übrigens nicht auf der Systemplatte, falls das interessant sein sollte Geändert von nickcave (02.11.2014 um 09:54 Uhr) |
|
02.11.2014, 18:04
| #6 |
| /// the machine /// TB-Ausbilder | HitmanPro Alert gibt Warnung aus - Browser kompromittiert? Einfach Papierkorb leeren, der Fund in dem Tool scheint ein Fehlalarm zu sein.
__________________ --> HitmanPro Alert gibt Warnung aus - Browser kompromittiert? |
|
03.11.2014, 13:30
| #7 |
| | HitmanPro Alert gibt Warnung aus - Browser kompromittiert? Okay, ich habe den Papierkorb geleert und das von Bitdefender identifizierte Programm (MDB Repair) zur Sicherheit in Quarantäne verschoben, weil ich das Progi eh nicht brauche. Danach habe ich Hitman durchlaufen lassen; kein Fund Wie jetzt weiter? Die Meldung von HitmanAlert beim Öffnen des Firefox ist immer noch am Start... Grüße Berichtigung: Jetzt ist die Meldung, die gestern Abend noch bei jedem Firefox Start auftauchte, plötzlich weg. Das unterstreicht, dass es sich wohl um eine Fehlermeldung des Programms handelt. Frage: Angesichts dieser Fehlfunktion und der Zeit, die ich damit verbracht habe, stellte ich mir jetzt natürlich die Frage, macht dieses Tool überhaupt Sinn oder sollte ich es gleich rausschmeißen. Was meinst Du? Hast Du Erfahrungswerte bezüglich des Sinn/Unsinn von Hitman Alert? |
|
03.11.2014, 22:32
| #8 |
| /// the machine /// TB-Ausbilder | HitmanPro Alert gibt Warnung aus - Browser kompromittiert? Selbst nie benutzt und kein Fan von Hitman 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
03.11.2014, 23:05
| #9 |
| | HitmanPro Alert gibt Warnung aus - Browser kompromittiert? Alles klar. Dank Dir für Deine Hilfe  |
|
04.11.2014, 11:35
| #10 |
| /// the machine /// TB-Ausbilder | HitmanPro Alert gibt Warnung aus - Browser kompromittiert? Gern Geschehen 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu HitmanPro Alert gibt Warnung aus - Browser kompromittiert? |
| antivirus, avira, browser, computer, cpu-z, entfernen, excel, fehler, firefox, flash player, frage, google, home, mozilla, programm, realtek, registry, security, server, shark, software, stick, svchost.exe, system, tracker, usb, windows, wscript.exe |
Hybrid-Darstellung
