Log analysis and evaluation: Very slow program start (Windows 7)
If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
07.07.2014, 19:43 | #1 |
Very slow program start
For some time now, some programs, especially Thunderbird, have been getting slower and slower at startup, and in some cases do not establish a connection to the server at all. "Normal" Internet connections (via browser) run at an acceptable, normal speed. All the advice from the Thunderbird support forum for such cases (deleting the index file and rebuilding it, etc.) was tried without success. Multiple complete uninstalls and reinstalls did not help at all. Since I have no problems whatsoever on a second computer on the same network (to be safe, I also uninstalled and reinstalled the program there - it was done almost within seconds), I fear that my computer is infected in some way and am grateful for any help. The files (I did not find defogger_disable.txt, was it perhaps not created?), including a file generated by GData, are as follows:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01 Ran by HDS (administrator) on HDS-NEU2 on 07-07-2014 18:41:42 Running from E:\Downloads\trojanerboard Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. 
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe () C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe () C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe () C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe () C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe () C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe () C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) 
C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe (Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe (freenet.de GmbH) C:\Program Files (x86)\freenetMail Dateimanager\DBDDsktDrvTrayApp.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe (Samsung Electronics Co., Ltd.) 
C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8067616 2009-08-18] (Realtek Semiconductor) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-05-17] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1756792 2014-05-20] (G Data Software AG) HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2014-01-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) 
HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation) HKLM-x32\...\Run: [Adobe Photo Downloader] => C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe [67488 2007-09-11] (Adobe Systems Incorporated) HKLM-x32\...\Run: [freenet.de Dateimanager Taskleistensymbol] => C:\Program Files (x86)\freenetMail Dateimanager\DBDDsktDrvTrayApp.exe [142336 2009-01-22] (freenet.de GmbH) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe, Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-1477405295-139641872-1139874065-1005\...\Run: [dradio-RecorderTimer] => C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe [41472 2012-04-03] () HKU\S-1-5-21-1477405295-139641872-1139874065-1005\...\Run: [] => [X] HKU\S-1-5-21-1477405295-139641872-1139874065-1005\...\MountPoints2: {0eb18823-749a-11e3-9f74-806e6f6e6963} - F:\Autoplay.exe -auto Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled () ShellIconOverlayIdentifiers: AcronisSyncError -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll () ShellIconOverlayIdentifiers: AcronisSyncInProgress -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll () ShellIconOverlayIdentifiers: AcronisSyncOk -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll () BootExecute: autocheck autochk * auto_reactivate 
\\?\Volume{0eb18820-749a-11e3-9f74-806e6f6e6963}\bootwiz\asrm.bin ==================== Internet (Whitelisted) ==================== ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: localhost:8088 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM - DefaultScope {71CA019B-6980-4703-BBEF-AAA0CC218409} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKLM - {71CA019B-6980-4703-BBEF-AAA0CC218409} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - DefaultScope {71CA019B-6980-4703-BBEF-AAA0CC218409} URL = BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: PrintEco - {BEB54677-E12F-44E7-AC7E-48241B866B5F} - C:\Program Files (x86)\PrintEco\PrintEco Office\adxloader64.dll () BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: PrintEco - {BEB54677-E12F-44E7-AC7E-48241B866B5F} - C:\Program Files (x86)\PrintEco\PrintEco Office\adxloader.dll () BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files 
(x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: 127.0.0.1 google-analytics.com Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default FF DefaultSearchEngine: Wikipedia (de) FF SelectedSearchEngine: Wikipedia (de) FF Homepage: about:home FF NetworkProxy: "ftp", "87.250.52.230" FF NetworkProxy: "ftp_port", 8080 FF NetworkProxy: "http", "87.250.52.230" FF NetworkProxy: "http_port", 8080 FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co" FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "socks", "87.250.52.230" FF NetworkProxy: "socks_port", 8080 FF NetworkProxy: "ssl", "87.250.52.230" FF NetworkProxy: "ssl_port", 8080 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll () FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.) 
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKCU: @phonostar.de/phonostar - C:\Program Files (x86)\dradio-Recorder\npphonostarDetectNP.dll No File FF SearchPlugin: C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\searchplugins\wikipdia-fr.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: FRITZ!Box AddOn - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\fb_add_on@avm.de [2014-01-04] FF Extension: Nokia Maps 3D browser plugin - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\maps@ovi.com [2014-01-04] FF Extension: WOT - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-01-12] FF Extension: DownloadHelper - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26] FF Extension: anonymoX - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\client@anonymox.net.xpi [2014-01-04] FF Extension: Preispilot - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\extension@preispilot.com.xpi [2014-01-04] FF Extension: CleanTube - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\jid0-Oh6YfHwkh8Cb1Y4efKhBukwKfB0@jetpack.xpi [2014-01-04] FF Extension: Safe Preview - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\safepreview@everhelper.me.xpi [2014-01-07] FF Extension: Stealthy - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\stealthyextension@gmail.com.xpi [2014-01-04] FF 
Extension: Webutation - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi [2014-01-07] FF Extension: Google Analytics Opt-out Browser Add-on - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2014-01-04] FF Extension: NoScript - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-01] FF Extension: Youtube Converter MP3 - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a5}.xpi [2014-01-04] FF Extension: Go To Google - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{BCC877E7-7F3F-4632-8338-DAEE4475DE35}.xpi [2014-01-04] FF Extension: Adblock Plus - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-04] FF Extension: Fox!Box - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi [2014-01-04] FF Extension: QuickJava - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2014-01-04] FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-04] FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-01-16] FF HKLM-x32\...\Firefox\Extensions: 
[ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-01-16] FF HKLM-x32\...\Firefox\Extensions: [jid0-1wPBLrijxGVkIUhu0kFYq6ZaWzA@jetpack] - C:\Program Files (x86)\AntiBrowserSpy\Addons\Firefox FF Extension: AntiBrowserSpy - SocialBlocker - C:\Program Files (x86)\AntiBrowserSpy\Addons\Firefox [2014-02-25] FF HKLM-x32\...\Firefox\Extensions: [firefox@printecosoftware.com] - C:\Program Files (x86)\PrintEco\PrintEco Office\firefox@printecosoftware.com.xpi FF Extension: PrintEco - C:\Program Files (x86)\PrintEco\PrintEco Office\firefox@printecosoftware.com.xpi [2014-03-17] ==================== Services (Whitelisted) ================= S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-01-06] (Adobe Systems) [File not signed] R2 AdobeActiveFileMonitor6.0; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] () R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-05-27] (G Data Software AG) R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG) R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2683760 2014-05-20] (G Data Software AG) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed] R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-27] (Freemake) [File not signed] S4 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-01-13] (Ellora Assets Corp.) 
[File not signed] R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3203392 2014-05-20] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG) R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG) R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed] R2 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2155848 2011-11-15] () R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed] S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) S3 Mtpip000ode; No ImagePath ==================== Drivers (Whitelisted) ==================== R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH) R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [899328 2009-06-10] (AVM Berlin) R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-07-03] (G Data Software AG) R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2014-07-03] (G Data Software AG) R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [142336 2014-07-03] (G Data Software AG) R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64000 2014-07-03] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64000 2014-07-03] (G Data Software AG) R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-03-06] (G Data Software) R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [61440 2014-07-03] (G Data Software AG) S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM 
Incorporated) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-28] (Malwarebytes Corporation) R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.) R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation) R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation) S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-01-04] (Acronis International GmbH) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-01-04] (Acronis International GmbH) R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-01-04] (Acronis International GmbH) S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; \??\c:\program files\my dell\pcdsrvc_x64.pkms [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-07 18:41 - 2014-07-07 18:41 - 00000000 ____D () C:\FRST 2014-07-07 18:36 - 2014-07-07 18:36 - 00000000 _____ () C:\Users\HDS\defogger_reenable 2014-07-07 15:11 - 2014-07-07 15:11 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Thunderbird 2014-07-07 13:11 - 2014-07-07 13:11 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2014-07-07 13:11 - 2014-07-07 13:11 - 00002086 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk 2014-07-07 13:11 - 2014-07-07 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-07-07 12:38 - 2014-07-07 12:38 - 00000000 ____D () C:\Users\HDS\AppData\Local\Thunderbird 2014-07-03 08:56 - 2014-07-03 08:56 - 00000000 ____D () C:\Users\HDS\AppData\Local\G DATA 2014-07-03 08:41 - 2014-07-03 08:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity 2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 
____D () C:\Users\HDS\AppData\Local\FreemakeVideoConverter 2014-07-02 11:05 - 2014-07-02 11:05 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake 2014-06-28 15:09 - 2014-07-03 16:49 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\DropboxMaster 2014-06-24 14:22 - 2014-06-24 14:22 - 00001132 _____ () C:\Users\Public\Desktop\freenetMail Dateimanager.lnk 2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\freenet 2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freenetMail Dateimanager 2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\freenet 2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Program Files (x86)\freenetMail Dateimanager 2014-06-20 07:47 - 2014-06-20 07:47 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreeOCR 2014-06-20 07:44 - 2014-06-20 07:47 - 00000000 ____D () C:\FreeOCR 2014-06-20 07:44 - 2014-06-20 07:44 - 00000590 _____ () C:\Users\HDS\Desktop\FreeOCR.lnk 2014-06-20 07:44 - 2014-06-20 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR 2014-06-20 07:44 - 2007-03-10 10:11 - 02680320 _____ (HiComponents) C:\Windows\SysWOW64\ImageEnXLibrary.ocx 2014-06-20 07:43 - 2014-06-20 08:40 - 00000000 ____D () C:\Users\HDS\Documents\Add-in Express 2014-06-20 07:43 - 2014-06-20 07:43 - 00000000 ____D () C:\Program Files (x86)\PrintEco 2014-06-20 07:40 - 2014-06-20 07:41 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\InetStat 2014-06-18 16:12 - 2014-06-18 16:18 - 00000000 ____D () C:\Users\HDS\Documents\Fax 2014-06-18 09:46 - 2014-06-18 09:46 - 00003090 _____ () C:\Windows\System32\Tasks\{05AE3A2C-E679-448E-AB6E-97F7FFBF0FD5} 2014-06-17 12:09 - 2014-06-17 12:09 - 00001119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 6.0.lnk 2014-06-17 12:09 - 2014-06-17 12:09 - 00001107 _____ () C:\Users\Public\Desktop\Adobe Photoshop 
Elements 6.0.lnk 2014-06-17 12:06 - 2014-06-17 12:06 - 01628920 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxsfs.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00547576 ____N (Sonic Solutions) C:\Windows\SysWOW64\px.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00510712 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxdrv.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00379640 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxwave.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00187128 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxmas.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00129784 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxafs.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00118520 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsi64.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00116472 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpyi64.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00072440 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxhpinst.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsa64.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpya64.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00052856 ____N (Sonic Solutions) C:\Windows\system32\Drivers\PxHlpa64.sys 2014-06-17 12:06 - 2014-06-17 12:06 - 00039672 ____N (Sonic Solutions) C:\Windows\SysWOW64\vxblock.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys 2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys 2014-06-13 20:21 - 2014-06-13 20:21 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\eXPert PDF 5 2014-06-13 17:19 - 2014-06-16 17:26 - 00000000 ____D () C:\Users\HDS\AppData\Local\Adobe 2014-06-11 07:58 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-11 07:58 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-11 07:58 
- 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-11 07:58 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-11 07:58 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-11 07:58 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-11 07:58 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-11 07:58 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-11 07:58 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-11 07:58 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-11 07:58 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-11 07:58 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-11 07:58 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-11 07:58 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-11 07:58 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-11 07:58 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-11 07:58 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-11 07:58 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-11 07:58 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-11 07:58 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) 
C:\Windows\system32\msrating.dll 2014-06-11 07:58 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-11 07:58 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-11 07:58 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-11 07:58 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-11 07:58 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-11 07:58 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-11 07:58 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-11 07:58 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-11 07:58 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-11 07:58 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-11 07:58 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-11 07:58 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-11 07:58 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-11 07:58 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-11 07:58 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-11 07:58 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-11 07:58 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-11 07:58 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msrating.dll 2014-06-11 07:58 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-11 07:58 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-11 07:58 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-11 07:58 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-11 07:58 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-11 07:58 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-11 07:58 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-11 07:58 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-11 07:58 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-11 07:58 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-11 07:58 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-11 07:58 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-11 07:58 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-11 07:58 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-11 07:33 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-11 07:33 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-11 07:33 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-11 07:33 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-11 07:33 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-11 07:33 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-11 07:33 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-06-11 07:33 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-11 07:33 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-11 07:33 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-11 07:33 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-06-11 07:33 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-06-11 07:28 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-11 07:28 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-10 13:22 - 2014-04-09 17:51 - 06715624 _____ (TomTom International B.V.) 
C:\Users\HDS\Downloads\InstallMyDriveConnect_3_3_0_1502.exe
2014-06-08 15:09 - 2014-06-08 15:09 - 00000000 ____D () C:\Program Files (x86)\SuperCar
2014-06-08 14:57 - 2014-06-08 15:09 - 00001905 _____ () C:\Users\Public\Desktop\SuperCar.lnk
2014-06-08 14:57 - 2014-06-08 14:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperCar
2014-06-07 08:59 - 2014-06-07 08:59 - 00000938 _____ () C:\Users\HDS\Desktop\DL - Verknüpfung.lnk

==================== One Month Modified Files and Folders =======

2014-07-07 18:41 - 2014-07-07 18:41 - 00000000 ____D () C:\FRST
2014-07-07 18:36 - 2014-07-07 18:36 - 00000000 _____ () C:\Users\HDS\defogger_reenable
2014-07-07 18:36 - 2014-01-04 17:50 - 00000000 ____D () C:\Users\HDS
2014-07-07 18:28 - 2014-01-04 14:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-07 18:19 - 2014-01-03 19:14 - 01827938 _____ () C:\Windows\WindowsUpdate.log
2014-07-07 15:11 - 2014-07-07 15:11 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Thunderbird
2014-07-07 13:16 - 2009-07-14 06:45 - 00018816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-07 13:16 - 2009-07-14 06:45 - 00018816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-07 13:11 - 2014-07-07 13:11 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-07-07 13:11 - 2014-07-07 13:11 - 00002086 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-07-07 13:11 - 2014-07-07 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-07-07 13:11 - 2014-01-03 20:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-07 13:09 - 2014-01-05 13:18 - 00000000 ____D () C:\Users\HDS\AppData\Local\HTC MediaHub
2014-07-07 13:09 - 2014-01-04 11:59 - 00262046 _____ () C:\Windows\PFRO.log
2014-07-07 13:09 - 2009-07-14 07:08 - 
00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-07 13:09 - 2009-07-14 06:51 - 00058674 _____ () C:\Windows\setupact.log 2014-07-07 12:38 - 2014-07-07 12:38 - 00000000 ____D () C:\Users\HDS\AppData\Local\Thunderbird 2014-07-06 21:14 - 2014-01-04 13:52 - 00001617 _____ () C:\Windows\BRRBCOM.INI 2014-07-05 08:19 - 2014-01-05 11:57 - 00001841 _____ () C:\Windows\system32\TeamViewer9_Hooks.log 2014-07-05 08:19 - 2014-01-05 11:56 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-07-05 08:19 - 2014-01-05 11:56 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk 2014-07-03 21:36 - 2014-04-05 16:09 - 00000000 ___RD () C:\Users\HDS\Dropbox 2014-07-03 16:52 - 2014-04-05 16:06 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Dropbox 2014-07-03 16:49 - 2014-06-28 15:09 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\DropboxMaster 2014-07-03 08:56 - 2014-07-03 08:56 - 00000000 ____D () C:\Users\HDS\AppData\Local\G DATA 2014-07-03 08:41 - 2014-07-03 08:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity 2014-07-03 08:41 - 2014-04-10 14:04 - 00020992 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBFlt64.sys 2014-07-03 08:41 - 2014-04-10 14:04 - 00001978 _____ () C:\Users\Public\Desktop\G Data InternetSecurity.lnk 2014-07-03 08:41 - 2014-01-03 20:03 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys 2014-07-03 08:41 - 2014-01-03 20:02 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys 2014-07-03 08:41 - 2014-01-03 20:02 - 00061440 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys 2014-07-03 08:40 - 2014-01-05 13:17 - 00053328 _____ () C:\Windows\DPINST.LOG 2014-07-03 08:40 - 2014-01-03 20:02 - 00142336 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys 2014-07-03 08:40 - 2014-01-03 20:02 - 00055808 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys 2014-07-02 
17:31 - 2014-01-05 10:50 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\vlc 2014-07-02 17:26 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat 2014-07-02 17:26 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat 2014-07-02 17:26 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-02 14:01 - 2014-01-22 18:39 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\KeePass 2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreemakeVideoConverter 2014-07-02 11:05 - 2014-07-02 11:05 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake 2014-07-02 11:05 - 2014-01-16 16:28 - 00001320 _____ () C:\Users\Public\Desktop\Freemake Video Converter.lnk 2014-07-02 11:05 - 2014-01-16 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake 2014-06-30 15:40 - 2014-01-05 11:34 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\CoreFTP 2014-06-29 16:14 - 2014-01-05 11:58 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Skype 2014-06-29 13:30 - 2014-03-28 18:36 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-06-29 13:30 - 2014-01-05 11:58 - 00000000 ____D () C:\ProgramData\Skype 2014-06-28 15:09 - 2014-04-05 16:09 - 00001011 _____ () C:\Users\HDS\Desktop\Dropbox.lnk 2014-06-28 12:34 - 2014-01-14 16:49 - 00017920 _____ () C:\Users\HDS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-06-24 14:22 - 2014-06-24 14:22 - 00001132 _____ () C:\Users\Public\Desktop\freenetMail Dateimanager.lnk 2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\freenet 2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freenetMail Dateimanager 2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\freenet 2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Program Files (x86)\freenetMail Dateimanager 2014-06-20 
08:40 - 2014-06-20 07:43 - 00000000 ____D () C:\Users\HDS\Documents\Add-in Express 2014-06-20 07:47 - 2014-06-20 07:47 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreeOCR 2014-06-20 07:47 - 2014-06-20 07:44 - 00000000 ____D () C:\FreeOCR 2014-06-20 07:44 - 2014-06-20 07:44 - 00000590 _____ () C:\Users\HDS\Desktop\FreeOCR.lnk 2014-06-20 07:44 - 2014-06-20 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR 2014-06-20 07:43 - 2014-06-20 07:43 - 00000000 ____D () C:\Program Files (x86)\PrintEco 2014-06-20 07:41 - 2014-06-20 07:40 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\InetStat 2014-06-18 17:58 - 2014-01-04 12:07 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-06-18 16:18 - 2014-06-18 16:12 - 00000000 ____D () C:\Users\HDS\Documents\Fax 2014-06-18 09:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help 2014-06-18 09:46 - 2014-06-18 09:46 - 00003090 _____ () C:\Windows\System32\Tasks\{05AE3A2C-E679-448E-AB6E-97F7FFBF0FD5} 2014-06-18 09:43 - 2014-01-04 13:21 - 00002669 _____ () C:\Users\Public\Desktop\TAXMAN 2014 spezial.lnk 2014-06-18 09:43 - 2014-01-03 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware 2014-06-18 09:27 - 2014-01-04 17:50 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Adobe 2014-06-17 12:16 - 2014-01-04 09:54 - 00000000 ____D () C:\ProgramData\Adobe 2014-06-17 12:14 - 2014-01-04 17:50 - 00096280 _____ () C:\Users\HDS\AppData\Local\GDIPFONTCACHEV1.DAT 2014-06-17 12:14 - 2009-07-14 06:45 - 00369552 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-06-17 12:09 - 2014-06-17 12:09 - 00001119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 6.0.lnk 2014-06-17 12:09 - 2014-06-17 12:09 - 00001107 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 6.0.lnk 2014-06-17 12:06 - 2014-06-17 12:06 - 01628920 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxsfs.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00547576 ____N 
(Sonic Solutions) C:\Windows\SysWOW64\px.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00510712 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxdrv.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00379640 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxwave.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00187128 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxmas.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00129784 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxafs.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00118520 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsi64.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00116472 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpyi64.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00072440 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxhpinst.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsa64.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpya64.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00052856 ____N (Sonic Solutions) C:\Windows\system32\Drivers\PxHlpa64.sys 2014-06-17 12:06 - 2014-06-17 12:06 - 00039672 ____N (Sonic Solutions) C:\Windows\SysWOW64\vxblock.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys 2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys 2014-06-17 12:06 - 2014-01-04 11:53 - 00000209 _____ () C:\Windows\ODBCINST.INI 2014-06-17 12:06 - 2014-01-04 09:53 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-06-17 12:03 - 2014-02-19 18:37 - 00000000 ____D () C:\Users\Hans-Dieter\AppData\Roaming\Adobe 2014-06-17 12:03 - 2014-01-04 15:43 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe 2014-06-17 10:53 - 2014-03-27 18:12 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-17 10:53 - 2014-01-05 13:05 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-17 10:48 - 
2014-03-27 18:12 - 00004118 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-17 10:48 - 2014-01-05 13:05 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-17 08:47 - 2014-01-18 14:52 - 00007906 _____ () C:\Users\HDS\Documents\capella.log 2014-06-16 17:26 - 2014-06-13 17:19 - 00000000 ____D () C:\Users\HDS\AppData\Local\Adobe 2014-06-15 15:50 - 2014-01-22 18:37 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk 2014-06-15 15:50 - 2014-01-22 18:37 - 00001105 _____ () C:\Users\HDS\Desktop\KeePass 2.lnk 2014-06-15 15:50 - 2014-01-22 18:37 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2 2014-06-15 12:53 - 2014-01-05 10:30 - 00000000 ____D () C:\Users\HDS\Documents\MyHeritage 2014-06-13 20:21 - 2014-06-13 20:21 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\eXPert PDF 5 2014-06-13 20:17 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-06-13 07:12 - 2014-02-25 16:15 - 00000000 ____D () C:\Program Files (x86)\AntiBrowserSpy 2014-06-13 07:11 - 2014-06-03 18:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-12 17:21 - 2014-01-03 20:51 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-06-12 17:21 - 2014-01-03 20:51 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-06-12 13:28 - 2014-01-04 14:48 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-06-12 13:28 - 2014-01-04 14:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-06-12 13:28 - 2014-01-03 19:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-06-12 08:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-06-11 21:59 - 2014-01-05 09:57 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-11 21:54 - 2014-01-05 09:57 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 
2014-06-11 21:54 - 2014-01-04 10:06 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-11 21:53 - 2014-06-04 05:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-09 16:03 - 2014-01-05 10:43 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\GeoSetter
2014-06-08 15:09 - 2014-06-08 15:09 - 00000000 ____D () C:\Program Files (x86)\SuperCar
2014-06-08 15:09 - 2014-06-08 14:57 - 00001905 _____ () C:\Users\Public\Desktop\SuperCar.lnk
2014-06-08 14:57 - 2014-06-08 14:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperCar
2014-06-08 11:13 - 2014-06-11 07:28 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-11 07:28 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-07 08:59 - 2014-06-07 08:59 - 00000938 _____ () C:\Users\HDS\Desktop\DL - Verknüpfung.lnk

Some content of TEMP:
====================
C:\Users\HDS\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\HDS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpl_pmpy.dll
C:\Users\HDS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsbry6o.dll
C:\Users\HDS\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.1.exe
C:\Users\HDS\AppData\Local\Temp\FreemakeVideoDownloader_3.6.2.3.exe
C:\Users\HDS\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\HDS\AppData\Local\Temp\Quarantine.exe
C:\Users\HDS\AppData\Local\Temp\vlc-2.1.4-win64.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-29 07:49

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01
Ran by HDS at 2014-07-07 18:43:23
Running from E:\Downloads\trojanerboard
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: G Data InternetSecurity (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data InternetSecurity (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acoustica 4.1 (HKLM-x32\...\Acoustica_is1) (Version: 4.1 - Acon Digital Media GmbH)
Acronis True Image 2014 (HKLM-x32\...\{3ECDD663-5AF8-489B-9E3C-561F33A271BD}Visible) (Version: 17.0.6673 - Acronis)
Acronis True Image 2014 (x32 Version: 17.0.6673 - Acronis) Hidden
Acronis*Disk*Director*11*Home (HKLM-x32\...\{8EFB7927-48AD-4E6D-91B7-6B2BD6C3F380}) (Version: 11.0.2343 - Acronis)
Adobe Acrobat 7.0 Professional - English, Français, Deutsch (x32 Version: 7.1.0 - Adobe Systems) Hidden
Adobe Acrobat 7.1.0 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 7.0 Professional - English, Français, Deutsch - V) (Version: 7.1.0 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 
1.1.0.5790 - Adobe Systems Inc.) Adobe AIR (x32 Version: 1.1.0.5790 - Adobe Systems Inc.) Hidden Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Bridge 1.0 (x32 Version: 001.000.001 - Adobe Systems) Hidden Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Common File Installer (x32 Version: 1.00.001 - Adobe System Incorporated) Hidden Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden Adobe Dreamweaver CS4 (HKLM-x32\...\Adobe_acce07fd2c8fe7f9e3f26243e626578) (Version: 10.0 - Adobe Systems Incorporated) Adobe Dreamweaver CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated) Adobe Help Center 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated) Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.) 
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden Adobe Photoshop Elements 6.0 (HKLM-x32\...\Adobe Photoshop Elements 6) (Version: 6.0 - Adobe Systems, Inc.) Adobe Photoshop Elements 6.0 (x32 Version: 6.0 - Adobe Systems, Inc.) Hidden Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.) Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden AntiBrowserSpy (HKLM-x32\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 141 - Abelssoft) Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ATI AVIVO64 Codecs (Version: 11.6.0.50517 - ATI Technologies Inc.) Hidden ATI Catalyst Install Manager (HKLM\...\{14AF193A-EC13-3B3E-BFBF-D2C471F12718}) (Version: 3.0.778.0 - ATI Technologies, Inc.) Bizzybolt (HKLM\...\Bizzybolt) (Version: 2013.11.20.184610 - Bizzybolt) <==== ATTENTION Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) 
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{D6E46FC2-B513-4B7D-8C8C-352F4735C541}) (Version: 12.54.02 - Broadcom Corporation) Brother MFL-Pro Suite MFC-J470DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.) CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.5.0.3 - Canon Inc.) Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.1.6 - Canon Inc.) Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\RAW Image Task) (Version: 3.3.0.5 - Canon Inc.) Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.10.2.21 - Canon Inc.) Canon Utilities Digital Photo Professional 3.4 (HKLM-x32\...\DPP) (Version: 3.4.0.0 - Canon Inc.) Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.4.0.1 - Canon Inc.) Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.4.0.5 - Canon Inc.) Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 6.4.0.5 - Canon Inc.) Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.21.45 - Canon Inc.) Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.3.0.0 - Canon Inc.) Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.) Canon Utilities WFT-E1/E2/E3 Utility (HKLM-x32\...\WFTK) (Version: 3.2.1.1 - Canon Inc.) Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.1.1.21 - Canon Inc.) 
capella 7 (HKLM-x32\...\{4623BAA6-0B23-4D47-ABD0-73F2DA4FAF56}) (Version: 7.1.20 - capella software AG) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0517.1742.29870 - ATI) Hidden Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0517.1742.29870 - ATI) Hidden Catalyst Control Center InstallProxy (x32 Version: 2010.0517.1742.29870 - ATI Technologies, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2010.0517.1742.29870 - ATI) Hidden CCC Help Chinese Standard (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Chinese Traditional (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Czech (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Danish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Dutch (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help English (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Finnish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help French (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help German (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Greek (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Hungarian (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Italian (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Japanese (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Korean (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Norwegian (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Polish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Portuguese (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Russian (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Spanish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Swedish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Thai (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Turkish (x32 Version: 
2010.0517.1741.29870 - ATI) Hidden ccc-core-static (x32 Version: 2010.0517.1742.29870 - Ihr Firmenname) Hidden ccc-utility64 (Version: 2010.0517.1742.29870 - ATI) Hidden Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper) Core FTP LE (HKLM-x32\...\CoreFTP) (Version: - ) DDBAC (HKLM-x32\...\{AC3DC2B3-9380-4966-87B6-9FAEB5E7739C}) (Version: 5.3.25 - DataDesign) DDBAC (HKLM-x32\...\{E3B6D3FB-A593-41BA-9AB1-FFE46F608565}) (Version: 5.3.21 - DataDesign) Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{2A16B95F-7377-410A-B961-EFD9394E1AF3}) (Version: - Microsoft) dradio-Recorder Version 3.02.6 (HKLM-x32\...\dradio-Recorder_is1) (Version: - ) Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden eXPert PDF 5 (HKLM-x32\...\{A6E92CAB-9E63-46DC-8ABF-0CAFF7B7CD02}) (Version: 5.1.200.0 - Visage Software) Freemake Video Converter Version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation) Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.2 - Ellora Assets Corporation) freenetMail Dateimanager (HKLM-x32\...\freenetMail Dateimanager) (Version: 1.4.15a - freenet.de GmbH) FreeOCR v5.0 (HKLM-x32\...\freeocr_is1) (Version: - ) G Data InternetSecurity (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.4 - G Data Software AG) Garmin BaseCamp (HKLM-x32\...\{EBAC8FD4-28EC-46F7-BF9E-89D6E6673001}) (Version: 4.2.5 - Garmin Ltd or its subsidiaries) Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) GeoSetter 3.4.16 (HKLM-x32\...\GeoSetter_is1) (Version: - Friedemann Schmidt) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 
7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google) GoogleClean (HKLM-x32\...\{4281435C-AD1D-4C8A-B9C0-3961C08EF142}_is1) (Version: 5.0.000 - Abelssoft) High-Definition Video Playback (x32 Version: 11.1.11100.4.196 - Nero AG) Hidden HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation) HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.0.52.0 - HTC) iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) InetStat (HKCU\...\InetStat) (Version: 0.5b - InetStat) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan) iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.) Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation) Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) 
Hidden Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation) Java(TM) 6 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.210 - Oracle) Java(TM) 6 Update 22 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416022FF}) (Version: 6.0.220 - Oracle) KeePass Password Safe 2.26 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.26 - Dominik Reichl) kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Lexware Info Service (HKLM-x32\...\{85BF9FDB-BD5B-407C-9CAE-3542E5164783}) (Version: 4.00.00.0075 - Haufe-Lexware GmbH & Co.KG) Lexware online banking (HKLM-x32\...\{A64DF516-9CDC-4299-BD34-2B2C80CD453B}) (Version: 19.00.00.0059 - Haufe-Lexware GmbH & Co.KG) LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe) Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech) Lotus Notes 6.5.1 de (HKLM-x32\...\{C626B47C-8312-4D8C-89E1-16FE42EF34E6}) (Version: 6.501.421 - IBM) Lupas Rename 2000 v5.0 Release (HKLM-x32\...\Lupas Rename 2000_is1) (Version: - Ivan Anton Albarracin) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation) Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI 
(German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Single Image 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 
Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.6.0 - Mozilla) Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - 
Mozilla) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.4.6422.14 - PC-Doctor, Inc.) MyDriveConnect 3.3.0.1502 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1502 - TomTom) MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7129 - MyHeritage.com) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger) Nero 11 Cliparts (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden Nero 11 Disc Menus 1 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden Nero 11 Disc Menus 2 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden Nero 11 Disc Menus 3 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden Nero 11 Disc Menus Basic (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden Nero 11 Effects Basic (x32 Version: 11.0.11400.14.0 - Nero AG) Hidden Nero 11 Image Samples (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden Nero 11 Kwik Themes 1 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden Nero 11 Kwik Themes 2 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden Nero 11 Kwik Themes 3 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden Nero 11 Kwik Themes 4 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden Nero 11 Kwik Themes Basic (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden Nero 11 PiP Effects 1 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden Nero 11 PiP Effects Basic (x32 Version: 11.0.11400.14.0 - Nero AG) Hidden Nero 11 Platinum (HKLM-x32\...\{79B3E8EE-35F2-4CCD-82D9-4A57F408E449}) (Version: 11.2.00700 - Nero AG) Nero 11 Video Samples (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden Nero 11 Video Transitions 1 (x32 Version: 
11.0.11200.12.0 - Nero AG) Hidden Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden Nero BackItUp 11 (x32 Version: 6.2.18400.2.100 - Nero AG) Hidden Nero BackItUp 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG) Nero Burning ROM 11 (x32 Version: 11.2.10300.0.0 - Nero AG) Hidden Nero Burning ROM 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden Nero ControlCenter 11 (x32 Version: 11.0.12700.0.27 - Nero AG) Hidden Nero ControlCenter 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden Nero Core Components 11 (x32 Version: 11.0.16300.1.23 - Nero AG) Hidden Nero CoverDesigner 11 (x32 Version: 6.0.11000.13.100 - Nero AG) Hidden Nero CoverDesigner 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden Nero Express 11 (x32 Version: 11.2.10300.0.0 - Nero AG) Hidden Nero Express 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden Nero Kwik Media (x32 Version: 1.10.24800.146.100 - Nero AG) Hidden Nero Kwik Media Help (CHM) (x32 Version: 11.0.10200 - Nero AG) Hidden Nero Recode 11 (x32 Version: 5.2.10900.0.0 - Nero AG) Hidden Nero Recode 11 Help (CHM) (x32 Version: 11.0.10600 - Nero AG) Hidden Nero RescueAgent 11 (x32 Version: 4.0.10600.10.100 - Nero AG) Hidden Nero RescueAgent 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden Nero SharedVideoCodecs (x32 Version: 1.0.11500.1.5 - Nero AG) Hidden Nero SoundTrax 11 (x32 Version: 5.0.10700.6.100 - Nero AG) Hidden Nero SoundTrax 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden Nero Update (x32 Version: 11.0.11500.28.0 - Nero AG) Hidden Nero Video 11 (x32 Version: 8.2.15700.3.100 - Nero AG) Hidden Nero Video 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden Nero WaveEditor 11 (x32 Version: 6.2.11300.0.100 - Nero AG) Hidden Nero WaveEditor 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden nero.prerequisites.msi (x32 Version: 11.0.20010 - Nero AG) Hidden Nokia 
Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia) Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia) Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia) PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge) Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) PrintEco Office (HKLM-x32\...\{864C0654-5C9F-4F03-85D5-47CA3062C7E2}) (Version: 1.4.70 - PrintEco) Quicken 2014 (HKLM-x32\...\{E60036CF-1E46-4DFE-832F-5476574B30FF}) (Version: 21.37.00.0185 - Haufe-Lexware GmbH & Co.KG) Quicken DELUXE Jubiläumsversion (HKLM-x32\...\{A907A713-DA24-4352-8786-96C7A6944646}) (Version: 20.36.00.0134 - Haufe-Lexware GmbH & Co.KG) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5919 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden Rossmann Fotowelt Software 4.13 (HKLM-x32\...\Rossmann Fotowelt Software) (Version: 4.13 - ORWO Net) Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Samsung AllShare (x32 Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) 
Hidden Secure Eraser (HKLM-x32\...\Secure Eraser_is1) (Version: 4.2.0.1 - ASCOMP Software GmbH) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden SUPER © v2014.build.60+Recorder (2014/02/18) Version v2014.buil (HKLM-x32\...\{8E2A18E2-96AF-8549-4DE7-5C06B75719A4}_is1) (Version: v2014.build.60+Recorder - eRightSoft) SuperCar (HKLM-x32\...\SuperCar) (Version: - ) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TAXMAN 2014 spezial (HKLM-x32\...\{23CCE76F-7421-4090-8081-BD519F2F93F4}) (Version: 20.04.00.0003 - Haufe-Lexware GmbH & Co.KG) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer) Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition 
(HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition 
(HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.SingleImage_{64D96F30-CF4C-4CCE-AAF2-F8909348BF35}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.SingleImage_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0410-1000-0000000FF1CE}_Office14.SingleImage_{B2508D75-61CF-4CC0-84C0-CF257219201D}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.SingleImage_{6164E0E5-C903-488C-93AF-1B7AF7EBC331}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0407-1000-0000000FF1CE}_Office14.SingleImage_{FD360122-6829-4497-97C1-1BF578EF695B}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition 
(HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version: - Microsoft) UpdateYeti (HKLM-x32\...\UpdateYeti_is1) (Version: 2.16 - Abelssoft) Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) 
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Welcome App (Start-up experience) (x32 Version: 11.0.23500.0.0 - Nero AG) Hidden
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
XnView 2.12 (HKLM-x32\...\XnView_is1) (Version: 2.12 - Gougelet Pierre-e)

==================== Restore Points =========================

22-06-2014 16:11:57 Windows Update
28-06-2014 10:21:06 Windows Update
02-07-2014 07:36:40 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-03-31 15:24 - 00000863 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 google-analytics.com

==================== Scheduled Tasks (whitelisted) =============

Task: {1FECA8C6-0AF7-4BDA-8463-A95604FC3964} - System32\Tasks\AntiBrowserSpy - SocialBlock - IEProxyCheck => C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe [2014-01-08] ()
Task: {30EE096A-F76E-4793-97A4-C487EA3C2650} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-12-03] (PC-Doctor, Inc.)
Task: {38565432-BFA7-4836-8020-C12C9F5E6DF8} - System32\Tasks\Abelssoft\UpdateYeti scan => C:\Program Files (x86)\UpdateYeti\UpdateYeti.exe [2014-02-18] (Ascora GmbH)
Task: {435A0533-5AF4-4078-B580-08CAFB0A7898} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {50F7C0A7-34B3-43E2-8E84-D811DB9F182D} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-12-03] (PC-Doctor, Inc.)
Task: {95BC6CCC-9B9B-45BA-A5F6-AAA741E5E77B} - System32\Tasks\AntiBrowserSpy - SocialBlock - IE => C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe [2014-01-08] () Task: {980E0CDC-C1FE-4BFD-8CB8-F6F7CB6F5481} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-12] (Adobe Systems Incorporated) Task: {CDD01417-B496-493F-B6DD-43A9FFC02AF3} - System32\Tasks\AntiBrowserSpy - BrowserMask => C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2014-01-08] () Task: {E3F06EE1-F3B9-4C89-A4E3-3CA6A1E74C5F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-05] (Google Inc.) Task: {E83FDDA6-C32F-4394-A1AB-B03D54319006} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-05] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2007-09-11 00:45 - 2007-09-11 00:45 - 00124832 _____ () C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe 2014-01-05 13:17 - 2012-12-07 18:26 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2014-01-04 13:50 - 2005-04-22 06:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll 2014-02-25 16:15 - 2014-01-08 09:21 - 00778240 _____ () C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe 2014-02-25 16:15 - 2014-01-08 09:18 - 01136640 _____ () C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe 2013-10-01 11:32 - 2013-10-01 11:32 - 02818216 _____ () C:\Program Files 
(x86)\Acronis\TrueImageHome\tishell64.dll 2014-02-25 16:15 - 2014-01-08 09:21 - 00823424 _____ () C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe 2014-02-25 16:15 - 2014-01-08 09:21 - 00055936 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbSettings.dll 2014-02-25 16:15 - 2014-01-08 09:21 - 00861312 _____ () C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyResources.dll 2014-02-25 16:15 - 2014-01-08 09:21 - 01340032 _____ () C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyLibrary.dll 2014-02-25 16:15 - 2014-01-08 09:21 - 01401472 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbGui.dll 2014-02-25 16:15 - 2014-01-08 09:21 - 00016000 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbProcessManager.dll 2011-11-15 19:44 - 2011-11-15 19:44 - 02155848 _____ () C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe 2011-10-07 11:39 - 2011-10-07 11:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll 2014-01-04 15:15 - 2012-04-03 18:14 - 00041472 _____ () C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe 2008-11-18 13:00 - 2008-11-18 13:00 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2010-05-17 18:40 - 2010-05-17 18:40 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2014-03-21 16:07 - 2014-03-21 16:07 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe 2014-05-20 03:38 - 2014-05-20 03:38 - 00340088 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll 2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-03-21 16:05 - 2014-03-21 16:05 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll 2014-03-21 
16:06 - 2014-03-21 16:06 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll 2014-03-21 16:06 - 2014-03-21 16:06 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll 2014-03-21 16:06 - 2014-03-21 16:06 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll 2014-03-21 16:06 - 2014-03-21 16:06 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll 2014-03-21 16:08 - 2014-03-21 16:08 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll 2014-03-21 16:09 - 2014-03-21 16:09 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll 2014-01-04 13:50 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2013-10-10 13:02 - 2013-10-10 13:02 - 00013120 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 01135616 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00656896 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00105472 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMCDP.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00098816 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\FolderCDP.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00077312 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MetadataFramework.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00520234 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\sqlite3.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00450560 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MoodExtractor.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 05717504 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00029184 _____ () C:\Program 
Files (x86)\Samsung\AllShare\AllShareDMS\AutoChaptering.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00147456 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexpat.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoThumb.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 04671488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avcodec-52.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00070656 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avutil-50.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00686080 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avformat-52.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00152064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\swscale-0.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00027648 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AudioExtractor.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00063488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ID3Driver.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00366592 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\tag.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00289792 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libThumbnail.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00023040 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoExtractor.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00133120 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00290304 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libKeyFrame.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00024064 _____ () C:\Program Files 
(x86)\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ImageExtractor.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\photoDriver.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00399826 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00013824 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\TextExtractor.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00031232 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\Autobackup.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00054784 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00044032 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\us.dll 2014-02-04 19:25 - 2014-02-04 19:25 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll 2014-02-04 19:28 - 2014-02-04 19:28 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll 2014-06-03 18:43 - 2014-06-06 06:38 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-10-01 12:00 - 2013-10-01 12:00 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/07/2014 06:35:19 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für 
"C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/07/2014 06:18:49 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Das Stammelement der Manifestdatei muss assembliert sein. 
Error: (07/07/2014 04:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8019

Error: (07/07/2014 04:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8019

Error: (07/07/2014 04:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/07/2014 04:06:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7020

Error: (07/07/2014 04:06:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7020

Error: (07/07/2014 04:06:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/07/2014 04:06:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6022

Error: (07/07/2014 04:06:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6022

System errors:
=============
Error: (07/07/2014 06:18:13 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst afcdpsrv erreicht.

Error: (07/07/2014 00:06:54 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1EF75F33-893B-4E8F-9655-C3D602BA4897}

Error: (07/03/2014 09:36:03 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (07/03/2014 08:44:25 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (07/03/2014 08:44:05 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (07/03/2014 08:43:25 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (07/03/2014 08:43:05 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (07/03/2014 08:42:25 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (07/03/2014 08:38:05 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (07/03/2014 08:37:45 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.
Microsoft Office Sessions:
=========================
Error: (07/07/2014 06:35:19 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\Downloads\trojanerboard\esetsmartinstaller_enu.exe

Error: (07/07/2014 06:18:49 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: C:\Program Files (x86)\PrintEco\PrintEco Office\adxloader.dll.ManifestC:\Program Files (x86)\PrintEco\PrintEco Office\adxloader.dll.Manifest2

Error: (07/07/2014 04:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8019

Error: (07/07/2014 04:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8019

Error: (07/07/2014 04:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/07/2014 04:06:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7020

Error: (07/07/2014 04:06:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7020

Error: (07/07/2014 04:06:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/07/2014 04:06:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6022

Error: (07/07/2014 04:06:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6022

==================== Memory info ===========================

Percentage of memory in use: 34%
Total physical RAM: 6103.12 MB
Available physical RAM: 3990.33 MB
Total Pagefile: 12204.41 MB
Available Pagefile: 8727.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.92 GB) (Free:1764.17 GB) NTFS
Drive d: () (Fixed) (Total:425.58 GB) (Free:207.57 GB) NTFS
Drive e: (Eigene Dateien) (Fixed) (Total:554.98 GB) (Free:244.44 GB) NTFS
Drive i: () (Fixed) (Total:662.53 GB) (Free:182.89 GB) NTFS
Drive j: (MEDIA) (Removable) (Total:29.71 GB) (Free:23.96 GB) FAT32
Drive o: (Kopie C alt) (Fixed) (Total:205.97 GB) (Free:37.65 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 6E7A038E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-198731366400) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 722B620C)
Partition 1: (Not Active) - (Size=150 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=206 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=-434765733888) - (Type=05)

========================================================
Disk: 2 (Size: 30 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.

==================== End Of Log ============================

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-07-07 20:23:44
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST2000DM001-1CH164 rev.CC29 1863,02GB
Running: Gmer-19357.exe; Driver: C:\Users\HDS\AppData\Local\Temp\awlyipow.sys

---- Kernel code sections - GMER 2.1 ----

INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800031f6000 45 bytes [00, 00, 12, 02, 47, 44, 57, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 574 fffff800031f602e 17 bytes [5C, 00, 55, 00, 53, 00, 45, ...]
---- Threads - GMER 2.1 ---- Thread C:\Windows\System32\svchost.exe [1120:4064] 000007fee7c0a2b0 Thread C:\Windows\System32\svchost.exe [1120:1824] 000007fee52a3efc Thread C:\Windows\System32\svchost.exe [1120:4816] 000007fee52e8a4c Thread C:\Windows\system32\svchost.exe [1580:1164] 000007fefa2335c0 Thread C:\Windows\system32\svchost.exe [1580:5116] 000007fefa235600 Thread C:\Windows\system32\svchost.exe [1580:3812] 000007fee8662888 Thread C:\Windows\system32\svchost.exe [1580:2716] 000007fee84b2940 Thread C:\Windows\system32\svchost.exe [1580:4104] 000007fee8662a40 Thread C:\Windows\system32\svchost.exe [2312:2620] 000007fef99e5fd0 Thread C:\Windows\system32\svchost.exe [2312:2700] 000007fef91a3438 Thread C:\Windows\system32\svchost.exe [2312:2712] 000007fef99e63ec Thread C:\Windows\system32\svchost.exe [2312:2848] 000000000033b128 Thread C:\Windows\system32\svchost.exe [2312:2984] 000007fef9a6a850 Thread C:\Windows\system32\Dwm.exe [2600:2956] 000007fef988f0d8 Thread C:\Windows\system32\Dwm.exe [2600:2960] 000007fef669abf0 Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:2944] 000007fef7f2bd94 Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:2948] 000007fef7ea3368 Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:5060] 000007fef7ed87b8 Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:6440] 000007fef24b4bf4 Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:6608] 000007fef7fb8970 Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:4796] 000007fef7ea3368 Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:6016] 000007fef7ea3368 Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:3484] 000007fef7ea3368 Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:6468] 000007fef7e993d4 Thread C:\Windows\system32\wbem\wmiprvse.exe [3204:3244] 000007fef08210f0 Thread C:\Windows\System32\WUDFHost.exe [5056:5280] 000007fee78624a0 ---- 
Disk sectors - GMER 2.1 ---- Disk \Device\Harddisk0\DR0 unknown MBR code ---- EOF - GMER 2.1 ---- ---GData-------------- Ihr Rechner wurden von einem entfernten Rechner auf offene Internet-Dienste (Ports) abgetastet. Die Firewall hat diesen Angriff unterbunden. Netzwerk Info: Netzwerk : LAN-Verbindung 2 Entfernter Rechner : 193.175.234.83 (nugo.dife.de) Many thanks in advance, Masin |
08.07.2014, 05:52 | #2 |
/// the machine /// TB-Ausbilder | Very slow program start hi,
This is how it works: posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Please download TDSSKiller.exe and save this file to the desktop.
__________________ |
08.07.2014, 07:59 | #3 |
| Very slow program start Hello Schrauber,
sorry that I attached the log files the wrong way. So now the right way, including the TDSS-Killer report: No, the files are too large, I am supposed to supply them as attachments. The problem is the TDSS file: it is too large as an attachment, so I have to paste it in here after all. Many thanks already for your help. Masin Code:
ATTFilter 08:51:06.0312 0x1ed4 TDSS rootkit removing tool 3.0.0.39 Jun 5 2014 20:35:54 08:51:08.0772 0x1ed4 ============================================================ 08:51:08.0772 0x1ed4 Current date / time: 2014/07/08 08:51:08.0772 08:51:08.0772 0x1ed4 SystemInfo: 08:51:08.0772 0x1ed4 08:51:08.0772 0x1ed4 OS Version: 6.1.7601 ServicePack: 1.0 08:51:08.0772 0x1ed4 Product type: Workstation 08:51:08.0772 0x1ed4 ComputerName: HDS-NEU2 08:51:08.0772 0x1ed4 UserName: HDS 08:51:08.0772 0x1ed4 Windows directory: C:\Windows 08:51:08.0772 0x1ed4 System windows directory: C:\Windows 08:51:08.0772 0x1ed4 Running under WOW64 08:51:08.0772 0x1ed4 Processor architecture: Intel x64 08:51:08.0772 0x1ed4 Number of processors: 4 08:51:08.0772 0x1ed4 Page size: 0x1000 08:51:08.0772 0x1ed4 Boot type: Normal boot 08:51:08.0772 0x1ed4 ============================================================ 08:51:11.0082 0x1ed4 KLMD registered as C:\Windows\system32\drivers\09465781.sys 08:51:11.0342 0x1ed4 System UUID: {A974136A-F8B4-94EC-10BF-7F71AE75B0DB} 08:51:11.0772 0x1ed4 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 08:51:11.0782 0x1ed4 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 08:51:11.0802 0x1ed4 Drive \Device\Harddisk2\DR2 - Size: 0x76E480000 ( 29.72 Gb ), SectorSize: 0x200, Cylinders: 0xF28, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 08:51:11.0832 0x1ed4 ============================================================ 08:51:11.0832 0x1ed4 \Device\Harddisk0\DR0: 08:51:11.0832 0x1ed4 MBR partitions: 08:51:11.0832 0x1ed4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 08:51:11.0832 0x1ed4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 
0xE8DD5800 08:51:11.0832 0x1ed4 \Device\Harddisk1\DR1: 08:51:11.0832 0x1ed4 MBR partitions: 08:51:11.0832 0x1ed4 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x1BEA800, BlocksNum 0x19BEE800 08:51:11.0832 0x1ed4 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x1B7D9800, BlocksNum 0x455F5000 08:51:11.0832 0x1ed4 \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x60DCF000, BlocksNum 0x35328800 08:51:11.0832 0x1ed4 \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0x960F8000, BlocksNum 0x52D10800 08:51:11.0832 0x1ed4 \Device\Harddisk2\DR2: 08:51:11.0832 0x1ed4 MBR partitions: 08:51:11.0832 0x1ed4 \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x2000, BlocksNum 0x3B70400 08:51:11.0832 0x1ed4 ============================================================ 08:51:11.0852 0x1ed4 C: <-> \Device\Harddisk0\DR0\Partition2 08:51:11.0892 0x1ed4 O: <-> \Device\Harddisk1\DR1\Partition1 08:51:11.0922 0x1ed4 I: <-> \Device\Harddisk1\DR1\Partition4 08:51:11.0942 0x1ed4 D: <-> \Device\Harddisk1\DR1\Partition3 08:51:11.0972 0x1ed4 E: <-> \Device\Harddisk1\DR1\Partition2 08:51:11.0972 0x1ed4 ============================================================ 08:51:11.0972 0x1ed4 Initialize success 08:51:11.0972 0x1ed4 ============================================================ 08:51:32.0475 0x0704 ============================================================ 08:51:32.0475 0x0704 Scan started 08:51:32.0475 0x0704 Mode: Manual; SigCheck; TDLFS; 08:51:32.0475 0x0704 ============================================================ 08:51:32.0475 0x0704 KSN ping started 08:51:46.0007 0x0704 KSN ping finished: true 08:51:46.0997 0x0704 ================ Scan system memory ======================== 08:51:46.0997 0x0704 System memory - ok
0x0704 FsDepends - ok 08:51:56.0958 0x0704 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 08:51:56.0978 0x0704 Fs_Rec - ok 08:51:56.0998 0x0704 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 08:51:57.0028 0x0704 fvevol - ok 08:51:57.0038 0x0704 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 08:51:57.0048 0x0704 gagp30kx - ok 08:51:57.0078 0x0704 [ 1EDC1A2C1762EF7A0782938F17971C12, DDC021AD302589E8A9831A90489F7CFCABBADA5BA9C5623583CC9ED0700B2113 ] GDBehave C:\Windows\system32\drivers\GDBehave.sys 08:51:57.0088 0x0704 GDBehave - ok 08:51:57.0188 0x0704 [ 69696B81799AA3CD816D99D606E97941, 2A41DA72FE4465ECA21B56D82CC18E1C26B84D5F1F4B605C2D1D4CF741F1D73C ] GDFwSvc C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe 08:51:57.0268 0x0704 GDFwSvc - ok 08:51:57.0328 0x0704 [ 9F17FCAF51F361A81EE6AB8B0CFDCC96, C9B01E35A442C91F73FA64758734CD553688E19925FEC84A66AF6AEA5033348D ] GDKBFlt C:\Windows\system32\drivers\GDKBFlt64.sys 08:51:57.0338 0x0704 GDKBFlt - ok 08:51:57.0368 0x0704 [ 905D29BA89387209BD41126E91E0E18E, 4A2D85F218E7033A0169DDBA267FC1A1F6CD4B3810DE705A74CBEAF78A8F4747 ] GDMnIcpt C:\Windows\system32\drivers\MiniIcpt.sys 08:51:57.0378 0x0704 GDMnIcpt - ok 08:51:57.0418 0x0704 [ 527B1CAA9661D518AC5182292C35AEC7, 1E56FC0EDFED7D60798930812AB0BB623A6721D433B69AD0152379B412CCE4D4 ] GDPkIcpt C:\Windows\system32\drivers\PktIcpt.sys 08:51:57.0428 0x0704 GDPkIcpt - ok 08:51:57.0498 0x0704 [ CC88D7254787D15B84377137BF739F90, F01BF995EDB533C7E6F2A5B9591DA0B4F8F4E79CC45C2DA73198F4B4A8624F0B ] GDScan C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe 08:51:57.0528 0x0704 GDScan - ok 08:51:57.0548 0x0704 [ E06B66227AF4E660D5F18D44231D984F, 
C8E75C7925E74F6811DFFDB81F5572DAAD124EC156B0FFBA4FF0DD60378EFA6A ] gdwfpcd C:\Windows\system32\drivers\gdwfpcd64.sys 08:51:57.0558 0x0704 gdwfpcd - ok 08:51:57.0598 0x0704 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 08:51:57.0608 0x0704 GEARAspiWDM - ok 08:51:57.0668 0x0704 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 08:51:57.0708 0x0704 gpsvc - ok 08:51:57.0728 0x0704 [ 380B83300E019065C3B5FA47136F8356, 4279367B4C9683A855C26A0012C3C078EDF21957D97F07FB1F07EB363F674C14 ] GRD C:\Windows\system32\drivers\GRD.sys 08:51:57.0738 0x0704 GRD - ok 08:51:57.0818 0x0704 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 08:51:57.0848 0x0704 gupdate - ok 08:51:57.0848 0x0704 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 08:51:57.0858 0x0704 gupdatem - ok 08:51:57.0918 0x0704 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 08:51:57.0948 0x0704 gusvc - ok 08:51:57.0968 0x0704 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 08:51:57.0988 0x0704 hcw85cir - ok 08:51:58.0038 0x0704 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 08:51:58.0068 0x0704 HdAudAddService - ok 08:51:58.0098 0x0704 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus 
C:\Windows\system32\drivers\HDAudBus.sys 08:51:58.0108 0x0704 HDAudBus - ok 08:51:58.0138 0x0704 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 08:51:58.0148 0x0704 HECIx64 - ok 08:51:58.0158 0x0704 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 08:51:58.0168 0x0704 HidBatt - ok 08:51:58.0198 0x0704 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 08:51:58.0218 0x0704 HidBth - ok 08:51:58.0238 0x0704 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 08:51:58.0258 0x0704 HidIr - ok 08:51:58.0268 0x0704 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 08:51:58.0298 0x0704 hidserv - ok 08:51:58.0338 0x0704 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 08:51:58.0368 0x0704 HidUsb - ok 08:51:58.0388 0x0704 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 08:51:58.0458 0x0704 hkmsvc - ok 08:51:58.0488 0x0704 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 08:51:58.0508 0x0704 HomeGroupListener - ok 08:51:58.0538 0x0704 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 08:51:58.0548 0x0704 HomeGroupProvider - ok 08:51:58.0568 0x0704 [ EB6EB3DCC2AD18236EEC42B2FC7BD806, 
A1334E802997FA2DF34B3C2860731BE03ADB5D1908DDBBCB4A46761ACC568573 ] HookCentre C:\Windows\system32\drivers\HookCentre.sys 08:51:58.0578 0x0704 HookCentre - ok 08:51:58.0638 0x0704 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 08:51:58.0668 0x0704 HpSAMD - ok 08:51:58.0708 0x0704 [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys 08:51:58.0738 0x0704 HTCAND64 - ok 08:51:58.0828 0x0704 [ 5C8BC8A28798FD010E7ABC4E0D588CAA, 622CAFD3DCBB05E15539589FDD4002DA6F24790FC55BDF05AA3D043E8A34E53E ] HTCMonitorService C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe 08:51:58.0848 0x0704 HTCMonitorService - ok 08:51:58.0868 0x0704 [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys 08:51:58.0888 0x0704 htcnprot - ok 08:51:58.0918 0x0704 [ 7C7C986776D00E575BFBDE5DCBDC615D, 4CF12851A5A45917C3A9139B19D79434F2038611B617F83A714506CC7A1A6C61 ] HtcVCom32 C:\Windows\system32\DRIVERS\HtcVComV64.sys 08:51:58.0958 0x0704 HtcVCom32 - ok 08:51:59.0018 0x0704 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 08:51:59.0068 0x0704 HTTP - ok 08:51:59.0078 0x0704 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 08:51:59.0088 0x0704 hwpolicy - ok 08:51:59.0148 0x0704 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 08:51:59.0158 0x0704 i8042prt - ok 08:51:59.0188 0x0704 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV 
C:\Windows\system32\drivers\iaStorV.sys 08:51:59.0208 0x0704 iaStorV - ok 08:51:59.0268 0x0704 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 08:51:59.0288 0x0704 idsvc - ok 08:51:59.0298 0x0704 IEEtwCollectorService - ok 08:51:59.0328 0x0704 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 08:51:59.0338 0x0704 iirsp - ok 08:51:59.0378 0x0704 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 08:51:59.0408 0x0704 IKEEXT - ok 08:51:59.0478 0x0704 [ F04D22D7A49A1B2210DBADF0B803E870, EC3CB81392784E1FBA79846D9241A8F58B5C0B03733A161AAB3EA5ECF4105A11 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 08:51:59.0528 0x0704 IntcAzAudAddService - ok 08:51:59.0548 0x0704 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 08:51:59.0558 0x0704 intelide - ok 08:51:59.0568 0x0704 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 08:51:59.0578 0x0704 intelppm - ok 08:51:59.0598 0x0704 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 08:51:59.0628 0x0704 IPBusEnum - ok 08:51:59.0648 0x0704 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 08:51:59.0678 0x0704 IpFilterDriver - ok 08:51:59.0708 0x0704 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc 
C:\Windows\System32\iphlpsvc.dll 08:51:59.0728 0x0704 iphlpsvc - ok 08:51:59.0778 0x0704 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 08:51:59.0788 0x0704 IPMIDRV - ok 08:51:59.0798 0x0704 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 08:51:59.0828 0x0704 IPNAT - ok 08:51:59.0878 0x0704 [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 08:51:59.0898 0x0704 iPod Service - ok 08:51:59.0918 0x0704 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 08:51:59.0928 0x0704 IRENUM - ok 08:51:59.0958 0x0704 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 08:51:59.0968 0x0704 isapnp - ok 08:52:00.0008 0x0704 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 08:52:00.0038 0x0704 iScsiPrt - ok 08:52:00.0078 0x0704 [ 9D7EA8C7215D8D4AE7BE110EEE61085D, C8AEC99985AEAD52FA4FA14DA98EE465594EA1392E2010D0B474CD467D766EE8 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys 08:52:00.0098 0x0704 k57nd60a - ok 08:52:00.0108 0x0704 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 08:52:00.0118 0x0704 kbdclass - ok 08:52:00.0138 0x0704 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 08:52:00.0148 0x0704 kbdhid - ok 08:52:00.0168 0x0704 [ 204F3F58212B3E422C90BD9691A2DF28, 
D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 08:52:00.0178 0x0704 KeyIso - ok 08:52:00.0228 0x0704 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 08:52:00.0248 0x0704 KSecDD - ok 08:52:00.0268 0x0704 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 08:52:00.0288 0x0704 KSecPkg - ok 08:52:00.0298 0x0704 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 08:52:00.0328 0x0704 ksthunk - ok 08:52:00.0368 0x0704 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 08:52:00.0398 0x0704 KtmRm - ok 08:52:00.0428 0x0704 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 08:52:00.0458 0x0704 LanmanServer - ok 08:52:00.0478 0x0704 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 08:52:00.0508 0x0704 LanmanWorkstation - ok 08:52:00.0648 0x0704 [ 7772DFAB22611050B79504E671B06E6E, 331FE235EDBCF48EE96A5A9D5D0560457CD85FA3FD7BEACD3700055F815D9F13 ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe 08:52:00.0678 0x0704 LBTServ - ok 08:52:00.0758 0x0704 [ 241F2648ADF090E2A10095BD6D6F5DCB, D31F50F7A70A62E3CA45071F75C56FFA21464BFAF4CA4A3AD2482D7477D78D4E ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys 08:52:00.0778 0x0704 LHidFilt - ok 08:52:00.0858 0x0704 [ C34411A244029F1C08687F7C752C4563, 4FC1D6156D760AE8138547262B33677118BD9369F4930F5C5F9BAA2FE6E78EA3 ] LightScribeService C:\Program Files (x86)\Common 
Files\LightScribe\LSSrvc.exe 08:52:00.0878 0x0704 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 ) 08:52:01.0198 0x0704 Detect skipped due to KSN trusted 08:52:01.0198 0x0704 LightScribeService - ok 08:52:01.0228 0x0704 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 08:52:01.0258 0x0704 lltdio - ok 08:52:01.0288 0x0704 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 08:52:01.0328 0x0704 lltdsvc - ok 08:52:01.0348 0x0704 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 08:52:01.0378 0x0704 lmhosts - ok 08:52:01.0388 0x0704 [ 342ED5A4B3326014438F36D22D803737, 45488402BD919D84729A19E618B3595D615EB1F73FB9BC77675A21E7DB80AB6C ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys 08:52:01.0398 0x0704 LMouFilt - ok 08:52:01.0408 0x0704 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 08:52:01.0418 0x0704 LSI_FC - ok 08:52:01.0438 0x0704 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 08:52:01.0448 0x0704 LSI_SAS - ok 08:52:01.0458 0x0704 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 08:52:01.0468 0x0704 LSI_SAS2 - ok 08:52:01.0478 0x0704 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 08:52:01.0488 0x0704 LSI_SCSI - ok 08:52:01.0498 0x0704 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv 
C:\Windows\system32\drivers\luafv.sys 08:52:01.0528 0x0704 luafv - ok 08:52:01.0598 0x0704 [ 6140163BFE9D8F2DFDBA088ED5521C13, B7B501F0D1527A15B1610D133E97AB431574502F0553734009627488D0007595 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys 08:52:01.0618 0x0704 MBAMSwissArmy - ok 08:52:01.0648 0x0704 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 08:52:01.0658 0x0704 Mcx2Svc - ok 08:52:01.0678 0x0704 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 08:52:01.0688 0x0704 megasas - ok 08:52:01.0708 0x0704 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 08:52:01.0728 0x0704 MegaSR - ok 08:52:01.0748 0x0704 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 08:52:01.0778 0x0704 MMCSS - ok 08:52:01.0788 0x0704 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 08:52:01.0818 0x0704 Modem - ok 08:52:01.0828 0x0704 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 08:52:01.0838 0x0704 monitor - ok 08:52:01.0868 0x0704 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 08:52:01.0878 0x0704 mouclass - ok 08:52:01.0888 0x0704 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 08:52:01.0898 0x0704 mouhid - ok 08:52:01.0938 0x0704 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 
47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 08:52:01.0948 0x0704 mountmgr - ok 08:52:01.0978 0x0704 [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 08:52:01.0998 0x0704 MozillaMaintenance - ok 08:52:02.0028 0x0704 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 08:52:02.0038 0x0704 mpio - ok 08:52:02.0048 0x0704 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 08:52:02.0078 0x0704 mpsdrv - ok 08:52:02.0128 0x0704 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 08:52:02.0178 0x0704 MpsSvc - ok 08:52:02.0198 0x0704 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 08:52:02.0228 0x0704 MRxDAV - ok 08:52:02.0258 0x0704 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 08:52:02.0278 0x0704 mrxsmb - ok 08:52:02.0288 0x0704 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 08:52:02.0308 0x0704 mrxsmb10 - ok 08:52:02.0328 0x0704 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 08:52:02.0348 0x0704 mrxsmb20 - ok 08:52:02.0388 0x0704 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci 
C:\Windows\system32\drivers\msahci.sys 08:52:02.0398 0x0704 msahci - ok 08:52:02.0448 0x0704 [ A592A054D78750B4D73ABAA4C94DECDF, 40B135C9F9EE698EC78BD19BD18353AE2CF4D020DDB9CFC37CD2FDBF7602614A ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS64.exe 08:52:02.0458 0x0704 MSCamSvc - ok 08:52:02.0468 0x0704 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 08:52:02.0488 0x0704 msdsm - ok 08:52:02.0498 0x0704 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 08:52:02.0518 0x0704 MSDTC - ok 08:52:02.0548 0x0704 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 08:52:02.0578 0x0704 Msfs - ok 08:52:02.0598 0x0704 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 08:52:02.0638 0x0704 mshidkmdf - ok 08:52:02.0658 0x0704 [ 55218F924E55FD2786ED40EDF4ED79C3, C6000DE3A1FB526ECB77438A03F7212517CCD5E0CC9DDA07826865F8B980BEA0 ] MSHUSBVideo C:\Windows\system32\Drivers\nx6000.sys 08:52:02.0668 0x0704 MSHUSBVideo - ok 08:52:02.0708 0x0704 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 08:52:02.0718 0x0704 msisadrv - ok 08:52:02.0748 0x0704 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 08:52:02.0778 0x0704 MSiSCSI - ok 08:52:02.0788 0x0704 msiserver - ok 08:52:02.0808 0x0704 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 08:52:02.0838 0x0704 MSKSSRV - ok 08:52:02.0838 0x0704 [ 
BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 08:52:02.0868 0x0704 MSPCLOCK - ok 08:52:02.0878 0x0704 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 08:52:02.0908 0x0704 MSPQM - ok 08:52:02.0938 0x0704 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 08:52:02.0958 0x0704 MsRPC - ok 08:52:02.0958 0x0704 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 08:52:02.0968 0x0704 mssmbios - ok 08:52:02.0978 0x0704 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 08:52:03.0008 0x0704 MSTEE - ok 08:52:03.0018 0x0704 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 08:52:03.0028 0x0704 MTConfig - ok 08:52:03.0058 0x0704 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 08:52:03.0078 0x0704 Mup - ok 08:52:03.0098 0x0704 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 08:52:03.0138 0x0704 napagent - ok 08:52:03.0178 0x0704 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 08:52:03.0198 0x0704 NativeWifiP - ok 08:52:03.0328 0x0704 [ 934BB0D23A25C8C136570800A5A149B6, 15D99CE4E970FECE257F6D69810F8104720B26D8DC3787BC38CC8692ACEABD37 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 
08:52:03.0348 0x0704 NAUpdate - ok 08:52:03.0358 0x0704 [ DACA803A8D732FE5EEAA024EC342F81D, 2DDEA48CD417EDD657D487BADA7C31C05F35DA328AAC5AA63A99FDFD44F2BF02 ] NBVol C:\Windows\system32\DRIVERS\NBVol.sys 08:52:03.0368 0x0704 NBVol - ok 08:52:03.0388 0x0704 [ 6208F622E9E35860DFB0753DFF56F0C0, AF7730B4AB642E0E45C05AE1429C7B3D90B0889CF94B21AC7869790D4DB6FDBE ] NBVolUp C:\Windows\system32\DRIVERS\NBVolUp.sys 08:52:03.0398 0x0704 NBVolUp - ok 08:52:03.0438 0x0704 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 08:52:03.0468 0x0704 NDIS - ok 08:52:03.0488 0x0704 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 08:52:03.0518 0x0704 NdisCap - ok 08:52:03.0548 0x0704 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 08:52:03.0568 0x0704 NdisTapi - ok 08:52:03.0588 0x0704 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 08:52:03.0618 0x0704 Ndisuio - ok 08:52:03.0648 0x0704 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 08:52:03.0678 0x0704 NdisWan - ok 08:52:03.0688 0x0704 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 08:52:03.0718 0x0704 NDProxy - ok 08:52:03.0718 0x0704 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 08:52:03.0748 0x0704 NetBIOS - ok 08:52:03.0778 0x0704 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 
] NetBT C:\Windows\system32\DRIVERS\netbt.sys 08:52:03.0808 0x0704 NetBT - ok 08:52:03.0828 0x0704 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe 08:52:03.0838 0x0704 Netlogon - ok 08:52:03.0858 0x0704 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 08:52:03.0898 0x0704 Netman - ok 08:52:03.0938 0x0704 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 08:52:03.0958 0x0704 NetMsmqActivator - ok 08:52:03.0958 0x0704 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 08:52:03.0978 0x0704 NetPipeActivator - ok 08:52:04.0008 0x0704 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 08:52:04.0048 0x0704 netprofm - ok 08:52:04.0048 0x0704 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 08:52:04.0068 0x0704 NetTcpActivator - ok 08:52:04.0068 0x0704 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 08:52:04.0088 0x0704 NetTcpPortSharing - ok 08:52:04.0128 0x0704 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 08:52:04.0148 0x0704 nfrd960 - ok 08:52:04.0168 0x0704 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc 
C:\Windows\System32\nlasvc.dll 08:52:04.0188 0x0704 NlaSvc - ok 08:52:04.0228 0x0704 [ 1381E95D4E0F94F22DD484B5F8C1D61D, E91C10A62E3B5A610063F48354C6F4A1AAB7300A69EAD59E89ED8EEFDBD99062 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys 08:52:04.0278 0x0704 nmwcd - ok 08:52:04.0428 0x0704 [ 205510CDB7B6084BF31760B5D06F9242, F3EAC6A7127DC5A0FEE7A9AFA561A8CA9B6E83FECCD731C890E85C33514B533B ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys 08:52:04.0478 0x0704 nmwcdc - ok 08:52:04.0588 0x0704 [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] npf C:\Windows\system32\drivers\npf.sys 08:52:04.0608 0x0704 npf - ok 08:52:04.0628 0x0704 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 08:52:04.0678 0x0704 Npfs - ok 08:52:04.0688 0x0704 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 08:52:04.0718 0x0704 nsi - ok 08:52:04.0728 0x0704 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 08:52:04.0758 0x0704 nsiproxy - ok 08:52:04.0818 0x0704 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 08:52:04.0858 0x0704 Ntfs - ok 08:52:04.0878 0x0704 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 08:52:04.0908 0x0704 Null - ok 08:52:04.0948 0x0704 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 08:52:04.0958 0x0704 nvraid - ok 08:52:05.0008 0x0704 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor 
C:\Windows\system32\drivers\nvstor.sys 08:52:05.0018 0x0704 nvstor - ok 08:52:05.0038 0x0704 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 08:52:05.0048 0x0704 nv_agp - ok 08:52:05.0068 0x0704 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 08:52:05.0078 0x0704 ohci1394 - ok 08:52:05.0198 0x0704 [ FB565EAF1E99F57D1963189EE2F8ED66, 9371111512657A618F4E80DC6968317600872B46A15DF34D8486884B5A848897 ] OS Selector C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe 08:52:05.0248 0x0704 OS Selector - ok 08:52:05.0298 0x0704 [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 08:52:05.0308 0x0704 ose64 - ok 08:52:05.0458 0x0704 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 08:52:05.0568 0x0704 osppsvc - ok 08:52:05.0608 0x0704 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 08:52:05.0668 0x0704 p2pimsvc - ok 08:52:05.0688 0x0704 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 08:52:05.0708 0x0704 p2psvc - ok 08:52:05.0748 0x0704 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 08:52:05.0758 0x0704 Parport - ok 08:52:05.0788 0x0704 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 08:52:05.0798 
08:52:05.0868 0x0704 [ 3CAE2BBC86FCF7F94C9696994AF30386, 4DA063A60523567272CFB35DF5D7CA142B100EF9123B1F23A6F11AB89DB83486 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
08:52:05.0888 0x0704 PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
08:52:06.0168 0x0704 Detect skipped due to KSN trusted
08:52:06.0168 0x0704 PassThru Service - ok
08:52:16.0579 0x0704 WerSvc - ok 08:52:16.0599 0x0704 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 08:52:16.0619 0x0704 WfpLwf - ok 08:52:16.0629 0x0704 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 08:52:16.0639 0x0704 WIMMount - ok 08:52:16.0659 0x0704 WinDefend - ok 08:52:16.0659 0x0704 WinHttpAutoProxySvc - ok 08:52:16.0709 0x0704 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 08:52:16.0739 0x0704 Winmgmt - ok 08:52:16.0829 0x0704 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 08:52:16.0899 0x0704 WinRM - ok 08:52:16.0949 0x0704 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 08:52:16.0969 0x0704 WinUsb - ok 08:52:17.0189 0x0704 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 08:52:17.0229 0x0704 Wlansvc - ok 08:52:17.0279 0x0704 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 08:52:17.0289 0x0704 WmiAcpi - ok 08:52:17.0399 0x0704 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 08:52:17.0409 0x0704 wmiApSrv - ok 08:52:17.0519 0x0704 WMPNetworkSvc - ok 08:52:17.0569 0x0704 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 08:52:17.0579 0x0704 WPCSvc - ok 08:52:17.0619 0x0704 [ 
93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 08:52:17.0659 0x0704 WPDBusEnum - ok 08:52:17.0699 0x0704 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 08:52:17.0739 0x0704 ws2ifsl - ok 08:52:17.0759 0x0704 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 08:52:17.0779 0x0704 wscsvc - ok 08:52:17.0809 0x0704 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 08:52:17.0829 0x0704 WSDPrintDevice - ok 08:52:17.0839 0x0704 [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys 08:52:17.0849 0x0704 WSDScan - ok 08:52:17.0849 0x0704 WSearch - ok 08:52:17.0949 0x0704 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll 08:52:18.0009 0x0704 wuauserv - ok 08:52:18.0029 0x0704 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 08:52:18.0049 0x0704 WudfPf - ok 08:52:18.0079 0x0704 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 08:52:18.0099 0x0704 WUDFRd - ok 08:52:18.0129 0x0704 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 08:52:18.0159 0x0704 wudfsvc - ok 08:52:18.0179 0x0704 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc 
C:\Windows\System32\wwansvc.dll 08:52:18.0199 0x0704 WwanSvc - ok 08:52:18.0219 0x0704 ================ Scan global =============================== 08:52:18.0229 0x0704 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 08:52:18.0259 0x0704 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 08:52:18.0279 0x0704 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 08:52:18.0299 0x0704 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 08:52:18.0319 0x0704 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 08:52:18.0329 0x0704 [ Global ] - ok 08:52:18.0329 0x0704 ================ Scan MBR ================================== 08:52:18.0339 0x0704 [ E87267CB6496429BB50554191DA7C765 ] \Device\Harddisk0\DR0 08:52:18.0759 0x0704 \Device\Harddisk0\DR0 - ok 08:52:18.0769 0x0704 [ F2634EFAB9E22A7870007C2453CEFE38 ] \Device\Harddisk1\DR1 08:52:19.0389 0x0704 \Device\Harddisk1\DR1 - ok 08:52:19.0399 0x0704 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2 08:52:19.0549 0x0704 \Device\Harddisk2\DR2 - ok 08:52:19.0549 0x0704 ================ Scan VBR ================================== 08:52:19.0559 0x0704 [ 33196769F5533E97BBF3CF1B0DBD7E97 ] \Device\Harddisk0\DR0\Partition1 08:52:19.0779 0x0704 \Device\Harddisk0\DR0\Partition1 - ok 08:52:19.0789 0x0704 [ D93A77E8B03537FE5B73AEA864B2D202 ] \Device\Harddisk0\DR0\Partition2 08:52:19.0859 0x0704 \Device\Harddisk0\DR0\Partition2 - ok 08:52:19.0859 0x0704 [ 4D770FA5EEDBA50288A779519E293433 ] \Device\Harddisk1\DR1\Partition1 08:52:19.0919 0x0704 \Device\Harddisk1\DR1\Partition1 - ok 08:52:19.0919 0x0704 [ 
D6B777808A122F9C5B8D9724B6FC2344 ] \Device\Harddisk1\DR1\Partition2 08:52:19.0989 0x0704 \Device\Harddisk1\DR1\Partition2 - ok 08:52:19.0999 0x0704 [ 2B505A9EECDD390A9F6C0753FE860D8C ] \Device\Harddisk1\DR1\Partition3 08:52:20.0049 0x0704 \Device\Harddisk1\DR1\Partition3 - ok 08:52:20.0059 0x0704 [ B67981594E46A69ABCA1D04672CD6AA4 ] \Device\Harddisk1\DR1\Partition4 08:52:20.0109 0x0704 \Device\Harddisk1\DR1\Partition4 - ok 08:52:20.0109 0x0704 [ 2F0174EF90787E5CE6EA31B007331B93 ] \Device\Harddisk2\DR2\Partition1 08:52:20.0119 0x0704 \Device\Harddisk2\DR2\Partition1 - ok 08:52:20.0119 0x0704 ================ Scan generic autorun ====================== 08:52:20.0159 0x0704 [ A0B996A6D4F7502EC6A9AADFB87FDA25, 2A79F03DECCC5C11E5B14109F5FBD790A4E005A45C71766E3C85BF14699F034C ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe 08:52:20.0179 0x0704 Acronis Scheduler2 Service - ok 08:52:20.0379 0x0704 [ 1869AA6DAF4F664660225B6D2102DF69, 636E9FBB2B27D8E084A3EABCDFE6498BCD38ACB6983D3D95FB9FB86716033235 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 08:52:20.0539 0x0704 RtHDVCpl - ok 08:52:20.0709 0x0704 [ DF72D700CC33611206675B8A2FD4D4F9, AB3AF6FD92140A1432FEAFFF2015CFAD5E9362F0018EA1D859A2DA349E95847D ] C:\Program Files\Logitech\SetPointP\SetPoint.exe 08:52:20.0749 0x0704 EvtMgr6 - ok 08:52:20.0789 0x0704 [ 80FDA1E7877DDBBB53D736AD290EC08A, E042AD1D6D6F04C2000853A16AEE4F28C6325ABE64C00890460A4EC7FB6D1939 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 08:52:20.0799 0x0704 StartCCC - detected UnsignedFile.Multi.Generic ( 1 ) 08:52:21.0070 0x0704 Detect skipped due to KSN trusted 08:52:21.0070 0x0704 StartCCC - ok 08:52:21.0180 0x0704 [ 0B6307FB3D24EACBB86A51E285E1F384, 4658EEBD36669906C15D876B28D566E74703A81A3EF6ACE99EE2B6D8857DA594 ] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe 08:52:21.0220 0x0704 GDFirewallTray - ok 08:52:21.0280 0x0704 [ A3A9E5888143F3DAB803B007393D791F, 
42435F0AF4C942F4F05EB80B36188951A8BEAB3E50F67FCDB1FF8B52A04890C0 ] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe 08:52:21.0300 0x0704 AdobeCS4ServiceManager - ok 08:52:21.0370 0x0704 [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 08:52:21.0390 0x0704 Adobe ARM - ok 08:52:21.0540 0x0704 [ 22310E2C6AE375142ABBB9EF384ECD40, A8673DF56546E4CDD7A0099D8CCB889415125089F786D0637E8D9B21CE53AB4D ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe 08:52:21.0650 0x0704 BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 ) 08:52:21.0940 0x0704 Detect skipped due to KSN trusted 08:52:21.0940 0x0704 BrStsMon00 - ok 08:52:22.0010 0x0704 [ 0C0DD390CF53D506414AC2CAA68E7F34, C64A9BAF0FDA5161B9361FC454CA36E7595E6BC969A6FA03993C5949373D8A00 ] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe 08:52:22.0070 0x0704 BrHelp - detected UnsignedFile.Multi.Generic ( 1 ) 08:52:22.0350 0x0704 Detect skipped due to KSN trusted 08:52:22.0350 0x0704 BrHelp - ok 08:52:22.0430 0x0704 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 08:52:22.0480 0x0704 Sidebar - ok 08:52:22.0490 0x0704 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 08:52:22.0510 0x0704 mctadmin - ok 08:52:22.0540 0x0704 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 08:52:22.0580 0x0704 Sidebar - ok 08:52:22.0580 0x0704 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 08:52:22.0600 0x0704 mctadmin - ok 08:52:22.0750 0x0704 [ 4C8942B8721813E5C8874D47112DCF73, 
85869B814417397D92A028CF841FC7B1B41E5D53EFF3470DED664484709C9FBA ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe 08:52:22.0850 0x0704 LightScribe Control Panel - ok 08:52:22.0920 0x0704 [ 16D510C28673BF1565D096D41234773C, 72BC509E8D9B444B37F10A266DF8E05471FC0006F34367EEF24203419EE9585C ] C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe 08:52:22.0930 0x0704 dradio-RecorderTimer - detected UnsignedFile.Multi.Generic ( 1 ) 08:52:23.0220 0x0704 Detect skipped due to KSN trusted 08:52:23.0220 0x0704 dradio-RecorderTimer - ok 08:52:23.0250 0x0704 [ 16D510C28673BF1565D096D41234773C, 72BC509E8D9B444B37F10A266DF8E05471FC0006F34367EEF24203419EE9585C ] C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe 08:52:23.0260 0x0704 dradio-RecorderTimer - detected UnsignedFile.Multi.Generic ( 1 ) 08:52:23.0260 0x0704 Detect skipped due to KSN trusted 08:52:23.0260 0x0704 dradio-RecorderTimer - ok 08:52:23.0360 0x0704 [ 4C8942B8721813E5C8874D47112DCF73, 85869B814417397D92A028CF841FC7B1B41E5D53EFF3470DED664484709C9FBA ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe 08:52:23.0430 0x0704 LightScribe Control Panel - ok 08:52:23.0490 0x0704 [ 4C8942B8721813E5C8874D47112DCF73, 85869B814417397D92A028CF841FC7B1B41E5D53EFF3470DED664484709C9FBA ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe 08:52:23.0550 0x0704 LightScribe Control Panel - ok 08:52:23.0560 0x0704 Waiting for KSN requests completion. 
In queue: 167
08:52:24.0570 0x0704 AV detected via SS2: G Data InternetSecurity, C:\Program Files (x86)\G Data\InternetSecurity\AVK\avkwscpe.exe ( 25.0.0.0 ), 0x41000 ( enabled : updated )
08:52:24.0570 0x0704 FW detected via SS2: G Data Personal Firewall, C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe ( 22.0.0.1 ), 0x41010 ( enabled )
08:52:26.0960 0x0704 ============================================================
08:52:26.0960 0x0704 Scan finished
08:52:26.0960 0x0704 ============================================================
08:52:26.0970 0x1540 Detected object count: 0
08:52:26.0970 0x1540 Actual detected object count: 0 |
09.07.2014, 08:02 | #4 |
/// the machine /// TB trainer | Very slow program start Hi, please always post logs in the thread. If necessary, split them up and use several posts. I can't open attachments at work, thanks. This is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
09.07.2014, 08:20 | #5 |
| Very slow program start OK, sorry about that. So once again, this time in three portions: FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by HDS (administrator) on HDS-NEU2 on 07-07-2014 18:41:42
Running from E:\Downloads\trojanerboard
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
() C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe
() C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe
() C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
() C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
() C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe
(freenet.de GmbH) C:\Program Files (x86)\freenetMail Dateimanager\DBDDsktDrvTrayApp.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8067616 2009-08-18] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-05-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1756792 2014-05-20] (G Data Software AG)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2014-01-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Photo Downloader] => C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe [67488 2007-09-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [freenet.de Dateimanager Taskleistensymbol] => C:\Program Files (x86)\freenetMail Dateimanager\DBDDsktDrvTrayApp.exe [142336 2009-01-22] (freenet.de GmbH)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1477405295-139641872-1139874065-1005\...\Run: [dradio-RecorderTimer] => C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe [41472 2012-04-03] ()
HKU\S-1-5-21-1477405295-139641872-1139874065-1005\...\Run: [] => [X]
HKU\S-1-5-21-1477405295-139641872-1139874065-1005\...\MountPoints2: {0eb18823-749a-11e3-9f74-806e6f6e6963} - F:\Autoplay.exe -auto
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
ShellIconOverlayIdentifiers: AcronisSyncError -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: AcronisSyncInProgress -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: AcronisSyncOk -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()
BootExecute: autocheck autochk * auto_reactivate \\?\Volume{0eb18820-749a-11e3-9f74-806e6f6e6963}\bootwiz\asrm.bin

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: localhost:8088
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {71CA019B-6980-4703-BBEF-AAA0CC218409} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM - {71CA019B-6980-4703-BBEF-AAA0CC218409} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {71CA019B-6980-4703-BBEF-AAA0CC218409} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: PrintEco - {BEB54677-E12F-44E7-AC7E-48241B866B5F} - C:\Program Files (x86)\PrintEco\PrintEco Office\adxloader64.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: PrintEco - {BEB54677-E12F-44E7-AC7E-48241B866B5F} - C:\Program Files (x86)\PrintEco\PrintEco Office\adxloader.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 google-analytics.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default
FF DefaultSearchEngine: Wikipedia (de)
FF SelectedSearchEngine: Wikipedia (de)
FF Homepage: about:home
FF NetworkProxy: "ftp", "87.250.52.230"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "87.250.52.230"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "87.250.52.230"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "87.250.52.230"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @phonostar.de/phonostar - C:\Program Files (x86)\dradio-Recorder\npphonostarDetectNP.dll No File
FF SearchPlugin: C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\searchplugins\wikipdia-fr.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: FRITZ!Box AddOn - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\fb_add_on@avm.de [2014-01-04]
FF Extension: Nokia Maps 3D browser plugin - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\maps@ovi.com [2014-01-04]
FF Extension: WOT - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-01-12]
FF Extension: DownloadHelper - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26]
FF Extension: anonymoX - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\client@anonymox.net.xpi [2014-01-04]
FF Extension: Preispilot - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\extension@preispilot.com.xpi [2014-01-04]
FF Extension: CleanTube - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\jid0-Oh6YfHwkh8Cb1Y4efKhBukwKfB0@jetpack.xpi [2014-01-04]
FF Extension: Safe Preview - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\safepreview@everhelper.me.xpi [2014-01-07]
FF Extension: Stealthy - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\stealthyextension@gmail.com.xpi [2014-01-04]
FF Extension: Webutation - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi [2014-01-07]
FF Extension: Google Analytics Opt-out Browser Add-on - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2014-01-04]
FF Extension: NoScript - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-01]
FF Extension: Youtube Converter MP3 - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a5}.xpi [2014-01-04]
FF Extension: Go To Google - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{BCC877E7-7F3F-4632-8338-DAEE4475DE35}.xpi [2014-01-04]
FF Extension: Adblock Plus - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-04]
FF Extension: Fox!Box - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi [2014-01-04]
FF Extension: QuickJava - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2014-01-04]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-04]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-01-16]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-01-16]
FF HKLM-x32\...\Firefox\Extensions: [jid0-1wPBLrijxGVkIUhu0kFYq6ZaWzA@jetpack] - C:\Program Files (x86)\AntiBrowserSpy\Addons\Firefox
FF Extension: AntiBrowserSpy - SocialBlocker - C:\Program Files (x86)\AntiBrowserSpy\Addons\Firefox [2014-02-25]
FF HKLM-x32\...\Firefox\Extensions: [firefox@printecosoftware.com] - C:\Program Files (x86)\PrintEco\PrintEco Office\firefox@printecosoftware.com.xpi
FF Extension: PrintEco - C:\Program Files (x86)\PrintEco\PrintEco Office\firefox@printecosoftware.com.xpi [2014-03-17]

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-01-06] (Adobe Systems) [File not signed]
R2 AdobeActiveFileMonitor6.0; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-05-27] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2683760 2014-05-20] (G Data Software AG)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-27] (Freemake) [File not signed]
S4 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-01-13] (Ellora Assets Corp.)
[File not signed] R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3203392 2014-05-20] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG) R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG) R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed] R2 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2155848 2011-11-15] () R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed] S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) S3 Mtpip000ode; No ImagePath ==================== Drivers (Whitelisted) ==================== R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH) R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [899328 2009-06-10] (AVM Berlin) R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-07-03] (G Data Software AG) R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2014-07-03] (G Data Software AG) R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [142336 2014-07-03] (G Data Software AG) R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64000 2014-07-03] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64000 2014-07-03] (G Data Software AG) R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-03-06] (G Data Software) R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [61440 2014-07-03] (G Data Software AG) S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM 
Incorporated) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-28] (Malwarebytes Corporation) R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.) R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation) R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation) S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-01-04] (Acronis International GmbH) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-01-04] (Acronis International GmbH) R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-01-04] (Acronis International GmbH) S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; \??\c:\program files\my dell\pcdsrvc_x64.pkms [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-07 18:41 - 2014-07-07 18:41 - 00000000 ____D () C:\FRST 2014-07-07 18:36 - 2014-07-07 18:36 - 00000000 _____ () C:\Users\HDS\defogger_reenable 2014-07-07 15:11 - 2014-07-07 15:11 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Thunderbird 2014-07-07 13:11 - 2014-07-07 13:11 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2014-07-07 13:11 - 2014-07-07 13:11 - 00002086 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk 2014-07-07 13:11 - 2014-07-07 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-07-07 12:38 - 2014-07-07 12:38 - 00000000 ____D () C:\Users\HDS\AppData\Local\Thunderbird 2014-07-03 08:56 - 2014-07-03 08:56 - 00000000 ____D () C:\Users\HDS\AppData\Local\G DATA 2014-07-03 08:41 - 2014-07-03 08:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity 2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 
____D () C:\Users\HDS\AppData\Local\FreemakeVideoConverter 2014-07-02 11:05 - 2014-07-02 11:05 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake 2014-06-28 15:09 - 2014-07-03 16:49 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\DropboxMaster 2014-06-24 14:22 - 2014-06-24 14:22 - 00001132 _____ () C:\Users\Public\Desktop\freenetMail Dateimanager.lnk 2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\freenet 2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freenetMail Dateimanager 2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\freenet 2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Program Files (x86)\freenetMail Dateimanager 2014-06-20 07:47 - 2014-06-20 07:47 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreeOCR 2014-06-20 07:44 - 2014-06-20 07:47 - 00000000 ____D () C:\FreeOCR 2014-06-20 07:44 - 2014-06-20 07:44 - 00000590 _____ () C:\Users\HDS\Desktop\FreeOCR.lnk 2014-06-20 07:44 - 2014-06-20 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR 2014-06-20 07:44 - 2007-03-10 10:11 - 02680320 _____ (HiComponents) C:\Windows\SysWOW64\ImageEnXLibrary.ocx 2014-06-20 07:43 - 2014-06-20 08:40 - 00000000 ____D () C:\Users\HDS\Documents\Add-in Express 2014-06-20 07:43 - 2014-06-20 07:43 - 00000000 ____D () C:\Program Files (x86)\PrintEco 2014-06-20 07:40 - 2014-06-20 07:41 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\InetStat 2014-06-18 16:12 - 2014-06-18 16:18 - 00000000 ____D () C:\Users\HDS\Documents\Fax 2014-06-18 09:46 - 2014-06-18 09:46 - 00003090 _____ () C:\Windows\System32\Tasks\{05AE3A2C-E679-448E-AB6E-97F7FFBF0FD5} 2014-06-17 12:09 - 2014-06-17 12:09 - 00001119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 6.0.lnk 2014-06-17 12:09 - 2014-06-17 12:09 - 00001107 _____ () C:\Users\Public\Desktop\Adobe Photoshop 
Elements 6.0.lnk 2014-06-17 12:06 - 2014-06-17 12:06 - 01628920 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxsfs.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00547576 ____N (Sonic Solutions) C:\Windows\SysWOW64\px.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00510712 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxdrv.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00379640 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxwave.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00187128 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxmas.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00129784 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxafs.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00118520 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsi64.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00116472 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpyi64.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00072440 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxhpinst.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsa64.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpya64.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00052856 ____N (Sonic Solutions) C:\Windows\system32\Drivers\PxHlpa64.sys 2014-06-17 12:06 - 2014-06-17 12:06 - 00039672 ____N (Sonic Solutions) C:\Windows\SysWOW64\vxblock.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys 2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys 2014-06-13 20:21 - 2014-06-13 20:21 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\eXPert PDF 5 2014-06-13 17:19 - 2014-06-16 17:26 - 00000000 ____D () C:\Users\HDS\AppData\Local\Adobe 2014-06-11 07:58 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-11 07:58 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-11 07:58 
- 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-11 07:58 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-11 07:58 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-11 07:58 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-11 07:58 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-11 07:58 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-11 07:58 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-11 07:58 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-11 07:58 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-11 07:58 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-11 07:58 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-11 07:58 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-11 07:58 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-11 07:58 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-11 07:58 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-11 07:58 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-11 07:58 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-11 07:58 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) 
C:\Windows\system32\msrating.dll 2014-06-11 07:58 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-11 07:58 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-11 07:58 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-11 07:58 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-11 07:58 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-11 07:58 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-11 07:58 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-11 07:58 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-11 07:58 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-11 07:58 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-11 07:58 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-11 07:58 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-11 07:58 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-11 07:58 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-11 07:58 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-11 07:58 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-11 07:58 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-11 07:58 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msrating.dll 2014-06-11 07:58 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-11 07:58 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-11 07:58 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-11 07:58 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-11 07:58 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-11 07:58 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-11 07:58 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-11 07:58 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-11 07:58 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-11 07:58 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-11 07:58 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-11 07:58 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-11 07:58 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-11 07:58 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-11 07:33 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-11 07:33 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-11 07:33 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-11 07:33 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-11 07:33 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-11 07:33 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-11 07:33 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-06-11 07:33 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-11 07:33 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-11 07:33 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-11 07:33 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-06-11 07:33 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-06-11 07:28 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-11 07:28 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-10 13:22 - 2014-04-09 17:51 - 06715624 _____ (TomTom International B.V.) 
C:\Users\HDS\Downloads\InstallMyDriveConnect_3_3_0_1502.exe 2014-06-08 15:09 - 2014-06-08 15:09 - 00000000 ____D () C:\Program Files (x86)\SuperCar 2014-06-08 14:57 - 2014-06-08 15:09 - 00001905 _____ () C:\Users\Public\Desktop\SuperCar.lnk 2014-06-08 14:57 - 2014-06-08 14:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperCar 2014-06-07 08:59 - 2014-06-07 08:59 - 00000938 _____ () C:\Users\HDS\Desktop\DL - Verknüpfung.lnk ==================== One Month Modified Files and Folders ======= 2014-07-07 18:41 - 2014-07-07 18:41 - 00000000 ____D () C:\FRST 2014-07-07 18:36 - 2014-07-07 18:36 - 00000000 _____ () C:\Users\HDS\defogger_reenable 2014-07-07 18:36 - 2014-01-04 17:50 - 00000000 ____D () C:\Users\HDS 2014-07-07 18:28 - 2014-01-04 14:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-07 18:19 - 2014-01-03 19:14 - 01827938 _____ () C:\Windows\WindowsUpdate.log 2014-07-07 15:11 - 2014-07-07 15:11 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Thunderbird 2014-07-07 13:16 - 2009-07-14 06:45 - 00018816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-07 13:16 - 2009-07-14 06:45 - 00018816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-07 13:11 - 2014-07-07 13:11 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2014-07-07 13:11 - 2014-07-07 13:11 - 00002086 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk 2014-07-07 13:11 - 2014-07-07 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-07-07 13:11 - 2014-01-03 20:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-07-07 13:09 - 2014-01-05 13:18 - 00000000 ____D () C:\Users\HDS\AppData\Local\HTC MediaHub 2014-07-07 13:09 - 2014-01-04 11:59 - 00262046 _____ () C:\Windows\PFRO.log 2014-07-07 13:09 - 2009-07-14 07:08 - 
00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-07 13:09 - 2009-07-14 06:51 - 00058674 _____ () C:\Windows\setupact.log 2014-07-07 12:38 - 2014-07-07 12:38 - 00000000 ____D () C:\Users\HDS\AppData\Local\Thunderbird 2014-07-06 21:14 - 2014-01-04 13:52 - 00001617 _____ () C:\Windows\BRRBCOM.INI 2014-07-05 08:19 - 2014-01-05 11:57 - 00001841 _____ () C:\Windows\system32\TeamViewer9_Hooks.log 2014-07-05 08:19 - 2014-01-05 11:56 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-07-05 08:19 - 2014-01-05 11:56 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk 2014-07-03 21:36 - 2014-04-05 16:09 - 00000000 ___RD () C:\Users\HDS\Dropbox 2014-07-03 16:52 - 2014-04-05 16:06 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Dropbox 2014-07-03 16:49 - 2014-06-28 15:09 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\DropboxMaster 2014-07-03 08:56 - 2014-07-03 08:56 - 00000000 ____D () C:\Users\HDS\AppData\Local\G DATA 2014-07-03 08:41 - 2014-07-03 08:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity 2014-07-03 08:41 - 2014-04-10 14:04 - 00020992 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBFlt64.sys 2014-07-03 08:41 - 2014-04-10 14:04 - 00001978 _____ () C:\Users\Public\Desktop\G Data InternetSecurity.lnk 2014-07-03 08:41 - 2014-01-03 20:03 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys 2014-07-03 08:41 - 2014-01-03 20:02 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys 2014-07-03 08:41 - 2014-01-03 20:02 - 00061440 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys 2014-07-03 08:40 - 2014-01-05 13:17 - 00053328 _____ () C:\Windows\DPINST.LOG 2014-07-03 08:40 - 2014-01-03 20:02 - 00142336 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys 2014-07-03 08:40 - 2014-01-03 20:02 - 00055808 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys 2014-07-02 
17:31 - 2014-01-05 10:50 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\vlc 2014-07-02 17:26 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat 2014-07-02 17:26 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat 2014-07-02 17:26 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-02 14:01 - 2014-01-22 18:39 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\KeePass 2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreemakeVideoConverter 2014-07-02 11:05 - 2014-07-02 11:05 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake 2014-07-02 11:05 - 2014-01-16 16:28 - 00001320 _____ () C:\Users\Public\Desktop\Freemake Video Converter.lnk 2014-07-02 11:05 - 2014-01-16 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake 2014-06-30 15:40 - 2014-01-05 11:34 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\CoreFTP 2014-06-29 16:14 - 2014-01-05 11:58 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Skype 2014-06-29 13:30 - 2014-03-28 18:36 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-06-29 13:30 - 2014-01-05 11:58 - 00000000 ____D () C:\ProgramData\Skype 2014-06-28 15:09 - 2014-04-05 16:09 - 00001011 _____ () C:\Users\HDS\Desktop\Dropbox.lnk 2014-06-28 12:34 - 2014-01-14 16:49 - 00017920 _____ () C:\Users\HDS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-06-24 14:22 - 2014-06-24 14:22 - 00001132 _____ () C:\Users\Public\Desktop\freenetMail Dateimanager.lnk 2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\freenet 2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freenetMail Dateimanager 2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\freenet 2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Program Files (x86)\freenetMail Dateimanager 2014-06-20 
08:40 - 2014-06-20 07:43 - 00000000 ____D () C:\Users\HDS\Documents\Add-in Express 2014-06-20 07:47 - 2014-06-20 07:47 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreeOCR 2014-06-20 07:47 - 2014-06-20 07:44 - 00000000 ____D () C:\FreeOCR 2014-06-20 07:44 - 2014-06-20 07:44 - 00000590 _____ () C:\Users\HDS\Desktop\FreeOCR.lnk 2014-06-20 07:44 - 2014-06-20 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR 2014-06-20 07:43 - 2014-06-20 07:43 - 00000000 ____D () C:\Program Files (x86)\PrintEco 2014-06-20 07:41 - 2014-06-20 07:40 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\InetStat 2014-06-18 17:58 - 2014-01-04 12:07 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-06-18 16:18 - 2014-06-18 16:12 - 00000000 ____D () C:\Users\HDS\Documents\Fax 2014-06-18 09:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help 2014-06-18 09:46 - 2014-06-18 09:46 - 00003090 _____ () C:\Windows\System32\Tasks\{05AE3A2C-E679-448E-AB6E-97F7FFBF0FD5} 2014-06-18 09:43 - 2014-01-04 13:21 - 00002669 _____ () C:\Users\Public\Desktop\TAXMAN 2014 spezial.lnk 2014-06-18 09:43 - 2014-01-03 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware 2014-06-18 09:27 - 2014-01-04 17:50 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Adobe 2014-06-17 12:16 - 2014-01-04 09:54 - 00000000 ____D () C:\ProgramData\Adobe 2014-06-17 12:14 - 2014-01-04 17:50 - 00096280 _____ () C:\Users\HDS\AppData\Local\GDIPFONTCACHEV1.DAT 2014-06-17 12:14 - 2009-07-14 06:45 - 00369552 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-06-17 12:09 - 2014-06-17 12:09 - 00001119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 6.0.lnk 2014-06-17 12:09 - 2014-06-17 12:09 - 00001107 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 6.0.lnk 2014-06-17 12:06 - 2014-06-17 12:06 - 01628920 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxsfs.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00547576 ____N 
(Sonic Solutions) C:\Windows\SysWOW64\px.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00510712 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxdrv.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00379640 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxwave.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00187128 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxmas.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00129784 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxafs.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00118520 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsi64.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00116472 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpyi64.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00072440 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxhpinst.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsa64.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpya64.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00052856 ____N (Sonic Solutions) C:\Windows\system32\Drivers\PxHlpa64.sys 2014-06-17 12:06 - 2014-06-17 12:06 - 00039672 ____N (Sonic Solutions) C:\Windows\SysWOW64\vxblock.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys 2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys 2014-06-17 12:06 - 2014-01-04 11:53 - 00000209 _____ () C:\Windows\ODBCINST.INI 2014-06-17 12:06 - 2014-01-04 09:53 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-06-17 12:03 - 2014-02-19 18:37 - 00000000 ____D () C:\Users\Hans-Dieter\AppData\Roaming\Adobe 2014-06-17 12:03 - 2014-01-04 15:43 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe 2014-06-17 10:53 - 2014-03-27 18:12 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-17 10:53 - 2014-01-05 13:05 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-17 10:48 - 
2014-03-27 18:12 - 00004118 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-17 10:48 - 2014-01-05 13:05 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-17 08:47 - 2014-01-18 14:52 - 00007906 _____ () C:\Users\HDS\Documents\capella.log 2014-06-16 17:26 - 2014-06-13 17:19 - 00000000 ____D () C:\Users\HDS\AppData\Local\Adobe 2014-06-15 15:50 - 2014-01-22 18:37 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk 2014-06-15 15:50 - 2014-01-22 18:37 - 00001105 _____ () C:\Users\HDS\Desktop\KeePass 2.lnk 2014-06-15 15:50 - 2014-01-22 18:37 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2 2014-06-15 12:53 - 2014-01-05 10:30 - 00000000 ____D () C:\Users\HDS\Documents\MyHeritage 2014-06-13 20:21 - 2014-06-13 20:21 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\eXPert PDF 5 2014-06-13 20:17 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-06-13 07:12 - 2014-02-25 16:15 - 00000000 ____D () C:\Program Files (x86)\AntiBrowserSpy 2014-06-13 07:11 - 2014-06-03 18:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-12 17:21 - 2014-01-03 20:51 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-06-12 17:21 - 2014-01-03 20:51 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-06-12 13:28 - 2014-01-04 14:48 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-06-12 13:28 - 2014-01-04 14:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-06-12 13:28 - 2014-01-03 19:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-06-12 08:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-06-11 21:59 - 2014-01-05 09:57 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-11 21:54 - 2014-01-05 09:57 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 
2014-06-11 21:54 - 2014-01-04 10:06 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-11 21:53 - 2014-06-04 05:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-09 16:03 - 2014-01-05 10:43 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\GeoSetter
2014-06-08 15:09 - 2014-06-08 15:09 - 00000000 ____D () C:\Program Files (x86)\SuperCar
2014-06-08 15:09 - 2014-06-08 14:57 - 00001905 _____ () C:\Users\Public\Desktop\SuperCar.lnk
2014-06-08 14:57 - 2014-06-08 14:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperCar
2014-06-08 11:13 - 2014-06-11 07:28 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-11 07:28 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-07 08:59 - 2014-06-07 08:59 - 00000938 _____ () C:\Users\HDS\Desktop\DL - Verknüpfung.lnk

Some content of TEMP:
====================
C:\Users\HDS\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\HDS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpl_pmpy.dll
C:\Users\HDS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsbry6o.dll
C:\Users\HDS\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.1.exe
C:\Users\HDS\AppData\Local\Temp\FreemakeVideoDownloader_3.6.2.3.exe
C:\Users\HDS\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\HDS\AppData\Local\Temp\Quarantine.exe
C:\Users\HDS\AppData\Local\Temp\vlc-2.1.4-win64.exe

==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-29 07:49

==================== End Of Log ============================

Part 2: FRST Additions Logfile:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01
Ran by HDS at 2014-07-07 18:43:23
Running from E:\Downloads\trojanerboard
Boot Mode: Normal
==========================================================

==================== Security Center ========================
AV: G Data InternetSecurity (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data InternetSecurity (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acoustica 4.1 (HKLM-x32\...\Acoustica_is1) (Version: 4.1 - Acon Digital Media GmbH)
Acronis True Image 2014 (HKLM-x32\...\{3ECDD663-5AF8-489B-9E3C-561F33A271BD}Visible) (Version: 17.0.6673 - Acronis)
Acronis True Image 2014 (x32 Version: 17.0.6673 - Acronis) Hidden
Acronis*Disk*Director*11*Home (HKLM-x32\...\{8EFB7927-48AD-4E6D-91B7-6B2BD6C3F380}) (Version: 11.0.2343 - Acronis)
Adobe Acrobat 7.0 Professional - English, Français, Deutsch (x32 Version: 7.1.0 - Adobe Systems) Hidden
Adobe Acrobat 7.1.0 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 7.0 Professional - English, Français, Deutsch - V) (Version: 7.1.0 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.1.0.5790 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Bridge 1.0 (x32 Version: 001.000.001 - Adobe Systems) Hidden
Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Common File Installer (x32 Version: 1.00.001 - Adobe System Incorporated) Hidden
Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS4 (HKLM-x32\...\Adobe_acce07fd2c8fe7f9e3f26243e626578) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Dreamweaver CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Photoshop Elements 6.0 (HKLM-x32\...\Adobe Photoshop Elements 6) (Version: 6.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 6.0 (x32 Version: 6.0 - Adobe Systems, Inc.) Hidden
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AntiBrowserSpy (HKLM-x32\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 141 - Abelssoft)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI AVIVO64 Codecs (Version: 11.6.0.50517 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{14AF193A-EC13-3B3E-BFBF-D2C471F12718}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
Bizzybolt (HKLM\...\Bizzybolt) (Version: 2013.11.20.184610 - Bizzybolt) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{D6E46FC2-B513-4B7D-8C8C-352F4735C541}) (Version: 12.54.02 - Broadcom Corporation)
Brother MFL-Pro Suite MFC-J470DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.5.0.3 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.1.6 - Canon Inc.)
Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\RAW Image Task) (Version: 3.3.0.5 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.10.2.21 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.4 (HKLM-x32\...\DPP) (Version: 3.4.0.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.4.0.1 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.4.0.5 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 6.4.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.21.45 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.3.0.0 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.)
Canon Utilities WFT-E1/E2/E3 Utility (HKLM-x32\...\WFTK) (Version: 3.2.1.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.1.1.21 - Canon Inc.)
capella 7 (HKLM-x32\...\{4623BAA6-0B23-4D47-ABD0-73F2DA4FAF56}) (Version: 7.1.20 - capella software AG)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0517.1742.29870 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0517.1742.29870 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0517.1742.29870 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0517.1742.29870 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help English (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help French (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help German (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0517.1742.29870 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0517.1742.29870 - ATI) Hidden
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
Core FTP LE (HKLM-x32\...\CoreFTP) (Version: - )
DDBAC (HKLM-x32\...\{AC3DC2B3-9380-4966-87B6-9FAEB5E7739C}) (Version: 5.3.25 - DataDesign)
DDBAC (HKLM-x32\...\{E3B6D3FB-A593-41BA-9AB1-FFE46F608565}) (Version: 5.3.21 - DataDesign)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{2A16B95F-7377-410A-B961-EFD9394E1AF3}) (Version: - Microsoft)
dradio-Recorder Version 3.02.6 (HKLM-x32\...\dradio-Recorder_is1) (Version: - )
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
eXPert PDF 5 (HKLM-x32\...\{A6E92CAB-9E63-46DC-8ABF-0CAFF7B7CD02}) (Version: 5.1.200.0 - Visage Software)
Freemake Video Converter Version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.2 - Ellora Assets Corporation)
freenetMail Dateimanager (HKLM-x32\...\freenetMail Dateimanager) (Version: 1.4.15a - freenet.de GmbH)
FreeOCR v5.0 (HKLM-x32\...\freeocr_is1) (Version: - )
G Data InternetSecurity (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.4 - G Data Software AG)
Garmin BaseCamp (HKLM-x32\...\{EBAC8FD4-28EC-46F7-BF9E-89D6E6673001}) (Version: 4.2.5 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
GeoSetter 3.4.16 (HKLM-x32\...\GeoSetter_is1) (Version: - Friedemann Schmidt)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GoogleClean (HKLM-x32\...\{4281435C-AD1D-4C8A-B9C0-3961C08EF142}_is1) (Version: 5.0.000 - Abelssoft)
High-Definition Video Playback (x32 Version: 11.1.11100.4.196 - Nero AG) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.0.52.0 - HTC)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
InetStat (HKCU\...\InetStat) (Version: 0.5b - InetStat)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Java(TM) 6 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.210 - Oracle)
Java(TM) 6 Update 22 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416022FF}) (Version: 6.0.220 - Oracle)
KeePass Password Safe 2.26 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.26 - Dominik Reichl)
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Lexware Info Service (HKLM-x32\...\{85BF9FDB-BD5B-407C-9CAE-3542E5164783}) (Version: 4.00.00.0075 - Haufe-Lexware GmbH & Co.KG)
Lexware online banking (HKLM-x32\...\{A64DF516-9CDC-4299-BD34-2B2C80CD453B}) (Version: 19.00.00.0059 - Haufe-Lexware GmbH & Co.KG)
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Lotus Notes 6.5.1 de (HKLM-x32\...\{C626B47C-8312-4D8C-89E1-16FE42EF34E6}) (Version: 6.501.421 - IBM)
Lupas Rename 2000 v5.0 Release (HKLM-x32\...\Lupas Rename 2000_is1) (Version: - Ivan Anton Albarracin)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.6.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.4.6422.14 - PC-Doctor, Inc.)
MyDriveConnect 3.3.0.1502 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1502 - TomTom)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7129 - MyHeritage.com)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Nero 11 Cliparts (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Disc Menus 1 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Disc Menus 2 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Disc Menus 3 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Disc Menus Basic (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Effects Basic (x32 Version: 11.0.11400.14.0 - Nero AG) Hidden
Nero 11 Image Samples (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Kwik Themes 1 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Kwik Themes 2 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Kwik Themes 3 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Kwik Themes 4 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Kwik Themes Basic (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 PiP Effects 1 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 PiP Effects Basic (x32 Version: 11.0.11400.14.0 - Nero AG) Hidden
Nero 11 Platinum (HKLM-x32\...\{79B3E8EE-35F2-4CCD-82D9-4A57F408E449}) (Version: 11.2.00700 - Nero AG)
Nero 11 Video Samples (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Video Transitions 1 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp 11 (x32 Version: 6.2.18400.2.100 - Nero AG) Hidden
Nero BackItUp 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
Nero Burning ROM 11 (x32 Version: 11.2.10300.0.0 - Nero AG) Hidden
Nero Burning ROM 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero ControlCenter 11 (x32 Version: 11.0.12700.0.27 - Nero AG) Hidden
Nero ControlCenter 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero Core Components 11 (x32 Version: 11.0.16300.1.23 - Nero AG) Hidden
Nero CoverDesigner 11 (x32 Version: 6.0.11000.13.100 - Nero AG) Hidden
Nero CoverDesigner 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero Express 11 (x32 Version: 11.2.10300.0.0 - Nero AG) Hidden
Nero Express 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero Kwik Media (x32 Version: 1.10.24800.146.100 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (x32 Version: 11.0.10200 - Nero AG) Hidden
Nero Recode 11 (x32 Version: 5.2.10900.0.0 - Nero AG) Hidden
Nero Recode 11 Help (CHM) (x32 Version: 11.0.10600 - Nero AG) Hidden
Nero RescueAgent 11 (x32 Version: 4.0.10600.10.100 - Nero AG) Hidden
Nero RescueAgent 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.11500.1.5 - Nero AG) Hidden
Nero SoundTrax 11 (x32 Version: 5.0.10700.6.100 - Nero AG) Hidden
Nero SoundTrax 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11500.28.0 - Nero AG) Hidden
Nero Video 11 (x32 Version: 8.2.15700.3.100 - Nero AG) Hidden
Nero Video 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero WaveEditor 11 (x32 Version: 6.2.11300.0.100 - Nero AG) Hidden
Nero WaveEditor 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
nero.prerequisites.msi (x32 Version: 11.0.20010 - Nero AG) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PrintEco Office (HKLM-x32\...\{864C0654-5C9F-4F03-85D5-47CA3062C7E2}) (Version: 1.4.70 - PrintEco)
Quicken 2014 (HKLM-x32\...\{E60036CF-1E46-4DFE-832F-5476574B30FF}) (Version: 21.37.00.0185 - Haufe-Lexware GmbH & Co.KG)
Quicken DELUXE Jubiläumsversion (HKLM-x32\...\{A907A713-DA24-4352-8786-96C7A6944646}) (Version: 20.36.00.0134 - Haufe-Lexware GmbH & Co.KG)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5919 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden
Rossmann Fotowelt Software 4.13 (HKLM-x32\...\Rossmann Fotowelt Software) (Version: 4.13 - ORWO Net)
Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)
Samsung AllShare (x32 Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden
Secure Eraser (HKLM-x32\...\Secure Eraser_is1) (Version: 4.2.0.1 - ASCOMP Software GmbH)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
SUPER © v2014.build.60+Recorder (2014/02/18) Version v2014.buil (HKLM-x32\...\{8E2A18E2-96AF-8549-4DE7-5C06B75719A4}_is1) (Version: v2014.build.60+Recorder - eRightSoft)
SuperCar (HKLM-x32\...\SuperCar) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAXMAN 2014 spezial (HKLM-x32\...\{23CCE76F-7421-4090-8081-BD519F2F93F4}) (Version: 20.04.00.0003 - Haufe-Lexware GmbH & Co.KG)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.SingleImage_{64D96F30-CF4C-4CCE-AAF2-F8909348BF35}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.SingleImage_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0410-1000-0000000FF1CE}_Office14.SingleImage_{B2508D75-61CF-4CC0-84C0-CF257219201D}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.SingleImage_{6164E0E5-C903-488C-93AF-1B7AF7EBC331}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0407-1000-0000000FF1CE}_Office14.SingleImage_{FD360122-6829-4497-97C1-1BF578EF695B}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version: - Microsoft)
UpdateYeti (HKLM-x32\...\UpdateYeti_is1) (Version: 2.16 - Abelssoft)
Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Welcome App (Start-up experience) (x32 Version: 11.0.23500.0.0 - Nero AG) Hidden
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
XnView 2.12 (HKLM-x32\...\XnView_is1) (Version: 2.12 - Gougelet Pierre-e)

==================== Restore Points =========================
22-06-2014 16:11:57 Windows Update
28-06-2014 10:21:06 Windows Update
02-07-2014 07:36:40 Windows Update

==================== Hosts content: ==========================
2009-07-14 04:34 - 2014-03-31 15:24 - 00000863 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 google-analytics.com

==================== Scheduled Tasks (whitelisted) =============
Task: {1FECA8C6-0AF7-4BDA-8463-A95604FC3964} - System32\Tasks\AntiBrowserSpy - SocialBlock - IEProxyCheck => C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe [2014-01-08] ()
Task: {30EE096A-F76E-4793-97A4-C487EA3C2650} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-12-03] (PC-Doctor, Inc.)
Task: {38565432-BFA7-4836-8020-C12C9F5E6DF8} - System32\Tasks\Abelssoft\UpdateYeti scan => C:\Program Files (x86)\UpdateYeti\UpdateYeti.exe [2014-02-18] (Ascora GmbH)
Task: {435A0533-5AF4-4078-B580-08CAFB0A7898} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {50F7C0A7-34B3-43E2-8E84-D811DB9F182D} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-12-03] (PC-Doctor, Inc.)
Task: {95BC6CCC-9B9B-45BA-A5F6-AAA741E5E77B} - System32\Tasks\AntiBrowserSpy - SocialBlock - IE => C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe [2014-01-08] () Task: {980E0CDC-C1FE-4BFD-8CB8-F6F7CB6F5481} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-12] (Adobe Systems Incorporated) Task: {CDD01417-B496-493F-B6DD-43A9FFC02AF3} - System32\Tasks\AntiBrowserSpy - BrowserMask => C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2014-01-08] () Task: {E3F06EE1-F3B9-4C89-A4E3-3CA6A1E74C5F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-05] (Google Inc.) Task: {E83FDDA6-C32F-4394-A1AB-B03D54319006} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-05] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2007-09-11 00:45 - 2007-09-11 00:45 - 00124832 _____ () C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe 2014-01-05 13:17 - 2012-12-07 18:26 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2014-01-04 13:50 - 2005-04-22 06:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll 2014-02-25 16:15 - 2014-01-08 09:21 - 00778240 _____ () C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe 2014-02-25 16:15 - 2014-01-08 09:18 - 01136640 _____ () C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe 2013-10-01 11:32 - 2013-10-01 11:32 - 02818216 _____ () C:\Program Files 
(x86)\Acronis\TrueImageHome\tishell64.dll 2014-02-25 16:15 - 2014-01-08 09:21 - 00823424 _____ () C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe 2014-02-25 16:15 - 2014-01-08 09:21 - 00055936 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbSettings.dll 2014-02-25 16:15 - 2014-01-08 09:21 - 00861312 _____ () C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyResources.dll 2014-02-25 16:15 - 2014-01-08 09:21 - 01340032 _____ () C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyLibrary.dll 2014-02-25 16:15 - 2014-01-08 09:21 - 01401472 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbGui.dll 2014-02-25 16:15 - 2014-01-08 09:21 - 00016000 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbProcessManager.dll 2011-11-15 19:44 - 2011-11-15 19:44 - 02155848 _____ () C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe 2011-10-07 11:39 - 2011-10-07 11:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll 2014-01-04 15:15 - 2012-04-03 18:14 - 00041472 _____ () C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe 2008-11-18 13:00 - 2008-11-18 13:00 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2010-05-17 18:40 - 2010-05-17 18:40 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2014-03-21 16:07 - 2014-03-21 16:07 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe 2014-05-20 03:38 - 2014-05-20 03:38 - 00340088 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll 2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-03-21 16:05 - 2014-03-21 16:05 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll 2014-03-21 
16:06 - 2014-03-21 16:06 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll 2014-03-21 16:06 - 2014-03-21 16:06 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll 2014-03-21 16:06 - 2014-03-21 16:06 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll 2014-03-21 16:06 - 2014-03-21 16:06 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll 2014-03-21 16:08 - 2014-03-21 16:08 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll 2014-03-21 16:09 - 2014-03-21 16:09 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll 2014-01-04 13:50 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2013-10-10 13:02 - 2013-10-10 13:02 - 00013120 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 01135616 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00656896 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00105472 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMCDP.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00098816 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\FolderCDP.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00077312 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MetadataFramework.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00520234 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\sqlite3.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00450560 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MoodExtractor.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 05717504 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00029184 _____ () C:\Program 
Files (x86)\Samsung\AllShare\AllShareDMS\AutoChaptering.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00147456 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexpat.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoThumb.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 04671488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avcodec-52.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00070656 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avutil-50.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00686080 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avformat-52.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00152064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\swscale-0.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00027648 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AudioExtractor.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00063488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ID3Driver.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00366592 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\tag.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00289792 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libThumbnail.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00023040 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoExtractor.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00133120 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00290304 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libKeyFrame.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00024064 _____ () C:\Program Files 
(x86)\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ImageExtractor.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\photoDriver.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00399826 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00013824 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\TextExtractor.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00031232 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\Autobackup.dll 2012-02-22 17:46 - 2012-02-22 17:46 - 00054784 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll 2012-01-05 23:40 - 2012-01-05 23:40 - 00044032 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\us.dll 2014-02-04 19:25 - 2014-02-04 19:25 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll 2014-02-04 19:28 - 2014-02-04 19:28 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll 2014-06-03 18:43 - 2014-06-06 06:38 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-10-01 12:00 - 2013-10-01 12:00 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/07/2014 06:35:19 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für 
"C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/07/2014 06:18:49 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Das Stammelement der Manifestdatei muss assembliert sein. 
Error: (07/07/2014 04:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 8019 Error: (07/07/2014 04:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 8019 Error: (07/07/2014 04:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/07/2014 04:06:34 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 7020 Error: (07/07/2014 04:06:34 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 7020 Error: (07/07/2014 04:06:34 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/07/2014 04:06:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6022 Error: (07/07/2014 04:06:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6022 System errors: ============= Error: (07/07/2014 06:18:13 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst afcdpsrv erreicht. Error: (07/07/2014 00:06:54 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {1EF75F33-893B-4E8F-9655-C3D602BA4897} Error: (07/03/2014 09:36:03 PM) (Source: srv) (EventID: 2017) (User: ) Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde. 
Error: (07/03/2014 08:44:25 PM) (Source: srv) (EventID: 2017) (User: ) Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde. Error: (07/03/2014 08:44:05 PM) (Source: srv) (EventID: 2017) (User: ) Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde. Error: (07/03/2014 08:43:25 PM) (Source: srv) (EventID: 2017) (User: ) Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde. Error: (07/03/2014 08:43:05 PM) (Source: srv) (EventID: 2017) (User: ) Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde. Error: (07/03/2014 08:42:25 PM) (Source: srv) (EventID: 2017) (User: ) Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde. Error: (07/03/2014 08:38:05 PM) (Source: srv) (EventID: 2017) (User: ) Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde. Error: (07/03/2014 08:37:45 PM) (Source: srv) (EventID: 2017) (User: ) Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde. 
Microsoft Office Sessions: ========================= Error: (07/07/2014 06:35:19 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\Downloads\trojanerboard\esetsmartinstaller_enu.exe Error: (07/07/2014 06:18:49 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: C:\Program Files (x86)\PrintEco\PrintEco Office\adxloader.dll.ManifestC:\Program Files (x86)\PrintEco\PrintEco Office\adxloader.dll.Manifest2 Error: (07/07/2014 04:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 8019 Error: (07/07/2014 04:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 8019 Error: (07/07/2014 04:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/07/2014 04:06:34 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 7020 Error: (07/07/2014 04:06:34 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 7020 Error: (07/07/2014 04:06:34 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/07/2014 04:06:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6022 Error: (07/07/2014 04:06:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6022 ==================== Memory info =========================== Percentage of memory in use: 34% Total physical RAM: 6103.12 
MB Available physical RAM: 3990.33 MB Total Pagefile: 12204.41 MB Available Pagefile: 8727.71 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:1862.92 GB) (Free:1764.17 GB) NTFS Drive d: () (Fixed) (Total:425.58 GB) (Free:207.57 GB) NTFS Drive e: (Eigene Dateien) (Fixed) (Total:554.98 GB) (Free:244.44 GB) NTFS Drive i: () (Fixed) (Total:662.53 GB) (Free:182.89 GB) NTFS Drive j: (MEDIA) (Removable) (Total:29.71 GB) (Free:23.96 GB) FAT32 Drive o: (Kopie C alt) (Fixed) (Total:205.97 GB) (Free:37.65 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 1863 GB) (Disk ID: 6E7A038E) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=-198731366400) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 1863 GB) (Disk ID: 722B620C) Partition 1: (Not Active) - (Size=150 MB) - (Type=DE) Partition 2: (Not Active) - (Size=206 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=-434765733888) - (Type=05) ======================================================== Disk: 2 (Size: 30 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End Of Log ============================ |
09.07.2014, 08:29 | #6 |
| Very slow program start Part 3: Code:
08:51:06.0312 0x1ed4 TDSS rootkit removing tool 3.0.0.39 Jun 5 2014 20:35:54 08:51:08.0772 0x1ed4 ============================================================ 08:51:08.0772 0x1ed4 Current date / time: 2014/07/08 08:51:08.0772 08:51:08.0772 0x1ed4 SystemInfo: 08:51:08.0772 0x1ed4 08:51:08.0772 0x1ed4 OS Version: 6.1.7601 ServicePack: 1.0 08:51:08.0772 0x1ed4 Product type: Workstation 08:51:08.0772 0x1ed4 ComputerName: HDS-NEU2 08:51:08.0772 0x1ed4 UserName: HDS 08:51:08.0772 0x1ed4 Windows directory: C:\Windows 08:51:08.0772 0x1ed4 System windows directory: C:\Windows 08:51:08.0772 0x1ed4 Running under WOW64 08:51:08.0772 0x1ed4 Processor architecture: Intel x64 08:51:08.0772 0x1ed4 Number of processors: 4 08:51:08.0772 0x1ed4 Page size: 0x1000 08:51:08.0772 0x1ed4 Boot type: Normal boot 08:51:08.0772 0x1ed4 ============================================================ 08:51:11.0082 0x1ed4 KLMD registered as C:\Windows\system32\drivers\09465781.sys 08:51:11.0342 0x1ed4 System UUID: {A974136A-F8B4-94EC-10BF-7F71AE75B0DB} 08:51:11.0772 0x1ed4 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 08:51:11.0782 0x1ed4 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 08:51:11.0802 0x1ed4 Drive \Device\Harddisk2\DR2 - Size: 0x76E480000 ( 29.72 Gb ), SectorSize: 0x200, Cylinders: 0xF28, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 08:51:11.0832 0x1ed4 ============================================================ 08:51:11.0832 0x1ed4 \Device\Harddisk0\DR0: 08:51:11.0832 0x1ed4 MBR partitions: 08:51:11.0832 0x1ed4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 08:51:11.0832 0x1ed4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 
0xE8DD5800 08:51:11.0832 0x1ed4 \Device\Harddisk1\DR1: 08:51:11.0832 0x1ed4 MBR partitions: 08:51:11.0832 0x1ed4 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x1BEA800, BlocksNum 0x19BEE800 08:51:11.0832 0x1ed4 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x1B7D9800, BlocksNum 0x455F5000 08:51:11.0832 0x1ed4 \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x60DCF000, BlocksNum 0x35328800 08:51:11.0832 0x1ed4 \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0x960F8000, BlocksNum 0x52D10800 08:51:11.0832 0x1ed4 \Device\Harddisk2\DR2: 08:51:11.0832 0x1ed4 MBR partitions: 08:51:11.0832 0x1ed4 \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x2000, BlocksNum 0x3B70400 08:51:11.0832 0x1ed4 ============================================================ 08:51:11.0852 0x1ed4 C: <-> \Device\Harddisk0\DR0\Partition2 08:51:11.0892 0x1ed4 O: <-> \Device\Harddisk1\DR1\Partition1 08:51:11.0922 0x1ed4 I: <-> \Device\Harddisk1\DR1\Partition4 08:51:11.0942 0x1ed4 D: <-> \Device\Harddisk1\DR1\Partition3 08:51:11.0972 0x1ed4 E: <-> \Device\Harddisk1\DR1\Partition2 08:51:11.0972 0x1ed4 ============================================================ 08:51:11.0972 0x1ed4 Initialize success 08:51:11.0972 0x1ed4 ============================================================ 08:51:32.0475 0x0704 ============================================================ 08:51:32.0475 0x0704 Scan started 08:51:32.0475 0x0704 Mode: Manual; SigCheck; TDLFS; 08:51:32.0475 0x0704 ============================================================ 08:51:32.0475 0x0704 KSN ping started 08:51:46.0007 0x0704 KSN ping finished: true 08:51:46.0997 0x0704 ================ Scan system memory ======================== 08:51:46.0997 0x0704 System memory - ok 08:51:46.0997 0x0704 ================ Scan services ============================= 08:51:47.0157 0x0704 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci 
C:\Windows\system32\drivers\1394ohci.sys 08:51:47.0257 0x0704 1394ohci - ok 08:51:47.0287 0x0704 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 08:51:47.0317 0x0704 ACPI - ok 08:51:47.0327 0x0704 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 08:51:47.0337 0x0704 AcpiPmi - ok 08:51:47.0447 0x0704 [ CD41DFA7A778555B2055E2D388F5CB33, AE149AB7823AE3A97E2826C06968F32A7E50331484203E4581C83E441A1680F9 ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe 08:51:47.0477 0x0704 AcrSch2Svc - ok 08:51:47.0537 0x0704 [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe 08:51:47.0547 0x0704 Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 ) 08:51:47.0847 0x0704 Detect skipped due to KSN trusted 08:51:47.0847 0x0704 Adobe LM Service - ok 08:51:47.0907 0x0704 [ E8FE4FCE23D2809BD88BCC1D0F8408CE, D744A1052BF104490A8D9BDE2B331F2C0157FCF58B54867E192B62CEE85F697E ] AdobeActiveFileMonitor6.0 C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe 08:51:47.0937 0x0704 AdobeActiveFileMonitor6.0 - ok 08:51:47.0987 0x0704 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 08:51:48.0007 0x0704 AdobeARMservice - ok 08:51:48.0097 0x0704 [ B5D8DE922237CEDDC7992297654A4BE4, 88EF0B5EBFB383C9069A29AEA8D76EDBE1E70DD6F7C18970EE01ECAE9F408B38 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 08:51:48.0127 0x0704 AdobeFlashPlayerUpdateSvc - ok 08:51:48.0177 0x0704 [ 2F6B34B83843F0C5118B63AC634F5BF4, 
43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 08:51:48.0207 0x0704 adp94xx - ok 08:51:48.0217 0x0704 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 08:51:48.0237 0x0704 adpahci - ok 08:51:48.0257 0x0704 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 08:51:48.0267 0x0704 adpu320 - ok 08:51:48.0297 0x0704 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 08:51:48.0327 0x0704 AeLookupSvc - ok 08:51:48.0377 0x0704 [ 3AC22A3DFA8A050E35F0E3CD99D0CDF2, BBB1FB1A80D9641CB7965A75B8CB8094F0876E9631A93E6BDCC53A016EB48D05 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe 08:51:48.0417 0x0704 AERTFilters - ok 08:51:48.0447 0x0704 [ ABCF9C80EAACE03021BB7F450EB8993F, 8E38726C423E82954CA85266D6F38B605D010A659420A4EF99D29035A9474BFB ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys 08:51:48.0497 0x0704 afcdp - ok 08:51:48.0827 0x0704 [ 3B1C11CB7006495F799F8A2AB8B2D530, B7B0C4922A1843BBF8104CDC705C4FEA1F1A760C1CC2BD6BC5E4213A0E4ED9FD ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe 08:51:48.0917 0x0704 afcdpsrv - ok 08:51:48.0957 0x0704 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys 08:51:48.0977 0x0704 AFD - ok 08:51:49.0007 0x0704 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 08:51:49.0017 0x0704 agp440 - ok 08:51:49.0027 0x0704 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 08:51:49.0037 0x0704 ALG - 
ok 08:51:49.0097 0x0704 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 08:51:49.0117 0x0704 aliide - ok 08:51:49.0147 0x0704 [ F0E61CF2C0FDA5B011CD1CB2E2353C9A, B1CE3BB3ED8ED78468B11C7AFB64B0CD48C078C350F049EC9473B60F6130091E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 08:51:49.0177 0x0704 AMD External Events Utility - ok 08:51:49.0197 0x0704 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 08:51:49.0207 0x0704 amdide - ok 08:51:49.0257 0x0704 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 08:51:49.0287 0x0704 AmdK8 - ok 08:51:49.0507 0x0704 [ CF3DB4D8B2CE0B282AB39C9D846ECA74, 1679FE9444057D8EFF1389C5EA9677B914DC269BBE447B2684A05FE4E438014A ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 08:51:49.0677 0x0704 amdkmdag - ok 08:51:49.0697 0x0704 [ 7D07DB26F6D3A16A6C8D34CE6C09FD01, 6ABE6D29ABA9F1E3A08A2FE7E5C1AF304093A8FE148340F5DA5A4F7C20F44753 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 08:51:49.0717 0x0704 amdkmdap - ok 08:51:49.0727 0x0704 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 08:51:49.0737 0x0704 AmdPPM - ok 08:51:49.0797 0x0704 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 08:51:49.0807 0x0704 amdsata - ok 08:51:49.0827 0x0704 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 08:51:49.0847 0x0704 amdsbs - ok 08:51:49.0867 0x0704 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F 
BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 08:52:02.0868 0x0704 MSPCLOCK - ok 08:52:02.0878 0x0704 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 08:52:02.0908 0x0704 MSPQM - ok 08:52:02.0938 0x0704 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 08:52:02.0958 0x0704 MsRPC - ok 08:52:02.0958 0x0704 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 08:52:02.0968 0x0704 mssmbios - ok 08:52:02.0978 0x0704 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 08:52:03.0008 0x0704 MSTEE - ok 08:52:03.0018 0x0704 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 08:52:03.0028 0x0704 MTConfig - ok 08:52:03.0058 0x0704 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 08:52:03.0078 0x0704 Mup - ok 08:52:03.0098 0x0704 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 08:52:03.0138 0x0704 napagent - ok 08:52:03.0178 0x0704 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 08:52:03.0198 0x0704 NativeWifiP - ok 08:52:03.0328 0x0704 [ 934BB0D23A25C8C136570800A5A149B6, 15D99CE4E970FECE257F6D69810F8104720B26D8DC3787BC38CC8692ACEABD37 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 
08:52:03.0348 0x0704 NAUpdate - ok 08:52:03.0358 0x0704 [ DACA803A8D732FE5EEAA024EC342F81D, 2DDEA48CD417EDD657D487BADA7C31C05F35DA328AAC5AA63A99FDFD44F2BF02 ] NBVol C:\Windows\system32\DRIVERS\NBVol.sys 08:52:03.0368 0x0704 NBVol - ok 08:52:03.0388 0x0704 [ 6208F622E9E35860DFB0753DFF56F0C0, AF7730B4AB642E0E45C05AE1429C7B3D90B0889CF94B21AC7869790D4DB6FDBE ] NBVolUp C:\Windows\system32\DRIVERS\NBVolUp.sys 08:52:03.0398 0x0704 NBVolUp - ok 08:52:03.0438 0x0704 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 08:52:03.0468 0x0704 NDIS - ok 08:52:03.0488 0x0704 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 08:52:03.0518 0x0704 NdisCap - ok 08:52:03.0548 0x0704 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 08:52:03.0568 0x0704 NdisTapi - ok 08:52:03.0588 0x0704 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 08:52:03.0618 0x0704 Ndisuio - ok 08:52:03.0648 0x0704 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 08:52:03.0678 0x0704 NdisWan - ok 08:52:03.0688 0x0704 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 08:52:03.0718 0x0704 NDProxy - ok 08:52:03.0718 0x0704 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 08:52:03.0748 0x0704 NetBIOS - ok 08:52:03.0778 0x0704 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 
] NetBT C:\Windows\system32\DRIVERS\netbt.sys 08:52:03.0808 0x0704 NetBT - ok 08:52:03.0828 0x0704 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe 08:52:03.0838 0x0704 Netlogon - ok 08:52:03.0858 0x0704 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 08:52:03.0898 0x0704 Netman - ok 08:52:03.0938 0x0704 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 08:52:03.0958 0x0704 NetMsmqActivator - ok 08:52:03.0958 0x0704 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 08:52:03.0978 0x0704 NetPipeActivator - ok 08:52:04.0008 0x0704 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 08:52:04.0048 0x0704 netprofm - ok 08:52:04.0048 0x0704 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 08:52:04.0068 0x0704 NetTcpActivator - ok 08:52:04.0068 0x0704 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 08:52:04.0088 0x0704 NetTcpPortSharing - ok 08:52:04.0128 0x0704 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 08:52:04.0148 0x0704 nfrd960 - ok 08:52:04.0168 0x0704 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc 
C:\Windows\System32\nlasvc.dll 08:52:04.0188 0x0704 NlaSvc - ok 08:52:04.0228 0x0704 [ 1381E95D4E0F94F22DD484B5F8C1D61D, E91C10A62E3B5A610063F48354C6F4A1AAB7300A69EAD59E89ED8EEFDBD99062 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys 08:52:04.0278 0x0704 nmwcd - ok 08:52:04.0428 0x0704 [ 205510CDB7B6084BF31760B5D06F9242, F3EAC6A7127DC5A0FEE7A9AFA561A8CA9B6E83FECCD731C890E85C33514B533B ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys 08:52:04.0478 0x0704 nmwcdc - ok 08:52:04.0588 0x0704 [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] npf C:\Windows\system32\drivers\npf.sys 08:52:04.0608 0x0704 npf - ok 08:52:04.0628 0x0704 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 08:52:04.0678 0x0704 Npfs - ok 08:52:04.0688 0x0704 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 08:52:04.0718 0x0704 nsi - ok 08:52:04.0728 0x0704 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 08:52:04.0758 0x0704 nsiproxy - ok 08:52:04.0818 0x0704 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 08:52:04.0858 0x0704 Ntfs - ok 08:52:04.0878 0x0704 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 08:52:04.0908 0x0704 Null - ok 08:52:04.0948 0x0704 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 08:52:04.0958 0x0704 nvraid - ok 08:52:05.0008 0x0704 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor 
C:\Windows\system32\drivers\nvstor.sys 08:52:05.0018 0x0704 nvstor - ok 08:52:05.0038 0x0704 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 08:52:05.0048 0x0704 nv_agp - ok 08:52:05.0068 0x0704 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 08:52:05.0078 0x0704 ohci1394 - ok 08:52:05.0198 0x0704 [ FB565EAF1E99F57D1963189EE2F8ED66, 9371111512657A618F4E80DC6968317600872B46A15DF34D8486884B5A848897 ] OS Selector C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe 08:52:05.0248 0x0704 OS Selector - ok 08:52:05.0298 0x0704 [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 08:52:05.0308 0x0704 ose64 - ok 08:52:05.0458 0x0704 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 08:52:05.0568 0x0704 osppsvc - ok 08:52:05.0608 0x0704 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 08:52:05.0668 0x0704 p2pimsvc - ok 08:52:05.0688 0x0704 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 08:52:05.0708 0x0704 p2psvc - ok 08:52:05.0748 0x0704 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 08:52:05.0758 0x0704 Parport - ok 08:52:05.0788 0x0704 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 08:52:05.0798 
0x0704 partmgr - ok 08:52:05.0868 0x0704 [ 3CAE2BBC86FCF7F94C9696994AF30386, 4DA063A60523567272CFB35DF5D7CA142B100EF9123B1F23A6F11AB89DB83486 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 08:52:05.0888 0x0704 PassThru Service - detected UnsignedFile.Multi.Generic ( 1 ) 08:52:06.0168 0x0704 Detect skipped due to KSN trusted 08:52:06.0168 0x0704 PassThru Service - ok 08:52:06.0178 0x0704 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 08:52:06.0198 0x0704 PcaSvc - ok 08:52:06.0228 0x0704 [ 3FDE033DFB0D07F8B7D5C9A3044AA121, 2C23B4FA34BA3060884B0168A830DD395A3853855CD6DF4065FBB303DFB4A87E ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys 08:52:06.0248 0x0704 pccsmcfd - ok 08:52:06.0318 0x0704 [ 4B5F5774FF1C577B9515FDD2B5C535C5, 1D053020079124AC526D84AFFB17BF4A1563ECD872C83B4B6299C9AA6A732557 ] PCDSRVC{D3412D80-CF3B4A27-06020200}_0 c:\program files\my dell\pcdsrvc_x64.pkms 08:52:06.0328 0x0704 PCDSRVC{D3412D80-CF3B4A27-06020200}_0 - ok 08:52:06.0368 0x0704 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 08:52:06.0388 0x0704 pci - ok 08:52:06.0428 0x0704 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 08:52:06.0448 0x0704 pciide - ok 08:52:06.0478 0x0704 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 08:52:06.0498 0x0704 pcmcia - ok 08:52:06.0508 0x0704 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 08:52:06.0518 0x0704 pcw - ok 08:52:06.0608 0x0704 [ 20372BE109FEE1C37E2D5216680DB9EB, 2C3737FB3C6BCF81D0A7293667412DDEA649A8AEA40B7ADCFCB9893E8B3C4AF3 ] 
PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe 08:52:06.0648 0x0704 PDF Architect Helper Service - ok 08:52:06.0688 0x0704 [ B90A279073A815A4AA2C45A09EE004FA, 9EA27630C47F5FF99CBBE513C113F3ED01FABA0D59B9D9637764027BCC6EA24A ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe 08:52:06.0708 0x0704 PDF Architect Service - ok 08:52:06.0738 0x0704 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 08:52:06.0778 0x0704 PEAUTH - ok 08:52:06.0828 0x0704 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 08:52:06.0868 0x0704 PeerDistSvc - ok 08:52:06.0928 0x0704 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 08:52:06.0958 0x0704 PerfHost - ok 08:52:07.0018 0x0704 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 08:52:07.0078 0x0704 pla - ok 08:52:07.0128 0x0704 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 08:52:07.0148 0x0704 PlugPlay - ok 08:52:07.0158 0x0704 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 08:52:07.0168 0x0704 PNRPAutoReg - ok 08:52:07.0188 0x0704 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 08:52:07.0208 0x0704 PNRPsvc - ok 08:52:07.0228 0x0704 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 08:52:07.0268 0x0704 PolicyAgent 
- ok 08:52:07.0288 0x0704 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 08:52:07.0318 0x0704 Power - ok 08:52:07.0338 0x0704 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 08:52:07.0368 0x0704 PptpMiniport - ok 08:52:07.0388 0x0704 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys 08:52:07.0398 0x0704 Processor - ok 08:52:07.0418 0x0704 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll 08:52:07.0438 0x0704 ProfSvc - ok 08:52:07.0448 0x0704 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe 08:52:07.0458 0x0704 ProtectedStorage - ok 08:52:07.0488 0x0704 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 08:52:07.0518 0x0704 Psched - ok 08:52:07.0548 0x0704 [ A6BF0A9B5A30D743623CA0D3BE35DF05, 0AA2DAE7ADC38F4197548DE174D551A0CF9281D2680B07E6C84914CA199C0661 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 08:52:07.0558 0x0704 PxHlpa64 - ok 08:52:07.0618 0x0704 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 08:52:07.0658 0x0704 ql2300 - ok 08:52:07.0678 0x0704 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 08:52:07.0688 0x0704 ql40xx - ok 08:52:07.0718 0x0704 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE 
C:\Windows\system32\qwave.dll 08:52:07.0738 0x0704 QWAVE - ok 08:52:07.0748 0x0704 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 08:52:07.0758 0x0704 QWAVEdrv - ok 08:52:07.0768 0x0704 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 08:52:07.0798 0x0704 RasAcd - ok 08:52:07.0808 0x0704 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 08:52:07.0838 0x0704 RasAgileVpn - ok 08:52:07.0848 0x0704 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 08:52:07.0878 0x0704 RasAuto - ok 08:52:07.0908 0x0704 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 08:52:07.0929 0x0704 Rasl2tp - ok 08:52:07.0969 0x0704 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 08:52:07.0999 0x0704 RasMan - ok 08:52:08.0009 0x0704 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 08:52:08.0039 0x0704 RasPppoe - ok 08:52:08.0049 0x0704 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 08:52:08.0079 0x0704 RasSstp - ok 08:52:08.0099 0x0704 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 08:52:08.0129 0x0704 rdbss - ok 08:52:08.0139 0x0704 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 
1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 08:52:08.0159 0x0704 rdpbus - ok 08:52:08.0169 0x0704 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 08:52:08.0199 0x0704 RDPCDD - ok 08:52:08.0239 0x0704 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 08:52:08.0259 0x0704 RDPDR - ok 08:52:08.0279 0x0704 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 08:52:08.0309 0x0704 RDPENCDD - ok 08:52:08.0319 0x0704 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 08:52:08.0349 0x0704 RDPREFMP - ok 08:52:08.0379 0x0704 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 08:52:08.0399 0x0704 RDPWD - ok 08:52:08.0439 0x0704 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 08:52:08.0449 0x0704 rdyboost - ok 08:52:08.0469 0x0704 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 08:52:08.0499 0x0704 RemoteAccess - ok 08:52:08.0519 0x0704 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 08:52:08.0549 0x0704 RemoteRegistry - ok 08:52:08.0559 0x0704 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 08:52:08.0589 0x0704 RpcEptMapper - 
ok 08:52:08.0589 0x0704 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 08:52:08.0609 0x0704 RpcLocator - ok 08:52:08.0639 0x0704 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 08:52:08.0669 0x0704 RpcSs - ok 08:52:08.0689 0x0704 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 08:52:08.0709 0x0704 rspndr - ok 08:52:08.0739 0x0704 [ A29F3787FEA005C8355F62321BE9E065, A1BE2758EE21CBFB00E6F32D3C62323D890BD9AD177E880390CFAD9F5326A9B3 ] rusb3hub C:\Windows\system32\DRIVERS\rusb3hub.sys 08:52:08.0749 0x0704 rusb3hub - ok 08:52:08.0769 0x0704 [ 0FE1DB20DA9863CD5B397717FF07738B, 3BCA3269A6ECA501508F2BAC56DB9C0B2DAD3DDA853C5FB168E4C628A94E1C83 ] rusb3xhc C:\Windows\system32\DRIVERS\rusb3xhc.sys 08:52:08.0779 0x0704 rusb3xhc - ok 08:52:08.0819 0x0704 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys 08:52:08.0829 0x0704 s3cap - ok 08:52:08.0849 0x0704 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe 08:52:08.0879 0x0704 SamSs - ok 08:52:08.0929 0x0704 [ 328100AF2EFD951EAB657384EC361B6F, 2DECBF74E13511395AA13F931F06F4D557E67654DA3314D0095C332FB758B4D9 ] SamsungAllShareV2.0 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe 08:52:08.0939 0x0704 SamsungAllShareV2.0 - ok 08:52:08.0979 0x0704 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 08:52:08.0989 0x0704 sbp2port - ok 08:52:09.0039 0x0704 [ 9B7395789E3791A3B6D000FE6F8B131E, 
E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 08:52:09.0069 0x0704 SCardSvr - ok 08:52:09.0089 0x0704 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 08:52:09.0119 0x0704 scfilter - ok 08:52:09.0159 0x0704 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 08:52:09.0209 0x0704 Schedule - ok 08:52:09.0229 0x0704 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 08:52:09.0259 0x0704 SCPolicySvc - ok 08:52:09.0279 0x0704 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 08:52:09.0289 0x0704 SDRSVC - ok 08:52:09.0319 0x0704 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 08:52:09.0349 0x0704 secdrv - ok 08:52:09.0369 0x0704 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 08:52:09.0399 0x0704 seclogon - ok 08:52:09.0409 0x0704 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 08:52:09.0429 0x0704 SENS - ok 08:52:09.0439 0x0704 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 08:52:09.0459 0x0704 SensrSvc - ok 08:52:09.0469 0x0704 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 08:52:09.0479 0x0704 Serenum - ok 08:52:09.0509 0x0704 [ 
C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 08:52:09.0519 0x0704 Serial - ok 08:52:09.0549 0x0704 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 08:52:09.0559 0x0704 sermouse - ok 08:52:09.0639 0x0704 [ 78F7BB9F4924BE164294C59B8C3FC096, 75051A6A8B0DBB16CD70855A408134270EEAF0C127BAAE5B592DB53BB87C085B ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe 08:52:09.0659 0x0704 ServiceLayer - ok 08:52:09.0689 0x0704 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 08:52:09.0719 0x0704 SessionEnv - ok 08:52:09.0749 0x0704 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 08:52:09.0759 0x0704 sffdisk - ok 08:52:09.0769 0x0704 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 08:52:09.0789 0x0704 sffp_mmc - ok 08:52:09.0799 0x0704 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 08:52:09.0809 0x0704 sffp_sd - ok 08:52:09.0829 0x0704 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 08:52:09.0839 0x0704 sfloppy - ok 08:52:09.0879 0x0704 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 08:52:09.0919 0x0704 SharedAccess - ok 08:52:09.0949 0x0704 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] 
08:52:23.0560 0x0704 Waiting for KSN requests completion. In queue: 167
08:52:24.0570 0x0704 AV detected via SS2: G Data InternetSecurity, C:\Program Files (x86)\G Data\InternetSecurity\AVK\avkwscpe.exe ( 25.0.0.0 ), 0x41000 ( enabled : updated )
08:52:24.0570 0x0704 FW detected via SS2: G Data Personal Firewall, C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe ( 22.0.0.1 ), 0x41010 ( enabled )
08:52:26.0960 0x0704 ============================================================
08:52:26.0960 0x0704 Scan finished
08:52:26.0960 0x0704 ============================================================
08:52:26.0970 0x1540 Detected object count: 0
08:52:26.0970 0x1540 Actual detected object count: 0
GMER Logfile:
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-07-07 20:23:44
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST2000DM001-1CH164 rev.CC29 1863,02GB
Running: Gmer-19357.exe; Driver: C:\Users\HDS\AppData\Local\Temp\awlyipow.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800031f6000 45 bytes [00, 00, 12, 02, 47, 44, 57, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 574 fffff800031f602e 17 bytes [5C, 00, 55, 00, 53, 00, 45, ...]
---- Threads - GMER 2.1 ----
Thread C:\Windows\System32\svchost.exe [1120:4064] 000007fee7c0a2b0
Thread C:\Windows\System32\svchost.exe [1120:1824] 000007fee52a3efc
Thread C:\Windows\System32\svchost.exe [1120:4816] 000007fee52e8a4c
Thread C:\Windows\system32\svchost.exe [1580:1164] 000007fefa2335c0
Thread C:\Windows\system32\svchost.exe [1580:5116] 000007fefa235600
Thread C:\Windows\system32\svchost.exe [1580:3812] 000007fee8662888
Thread C:\Windows\system32\svchost.exe [1580:2716] 000007fee84b2940
Thread C:\Windows\system32\svchost.exe [1580:4104] 000007fee8662a40
Thread C:\Windows\system32\svchost.exe [2312:2620] 000007fef99e5fd0
Thread C:\Windows\system32\svchost.exe [2312:2700] 000007fef91a3438
Thread C:\Windows\system32\svchost.exe [2312:2712] 000007fef99e63ec
Thread C:\Windows\system32\svchost.exe [2312:2848] 000000000033b128
Thread C:\Windows\system32\svchost.exe [2312:2984] 000007fef9a6a850
Thread C:\Windows\system32\Dwm.exe [2600:2956] 000007fef988f0d8
Thread C:\Windows\system32\Dwm.exe [2600:2960] 000007fef669abf0
Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:2944] 000007fef7f2bd94
Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:2948] 000007fef7ea3368
Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:5060] 000007fef7ed87b8
Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:6440] 000007fef24b4bf4
Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:6608] 000007fef7fb8970
Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:4796] 000007fef7ea3368
Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:6016] 000007fef7ea3368
Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:3484] 000007fef7ea3368
Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:6468] 000007fef7e993d4
Thread C:\Windows\system32\wbem\wmiprvse.exe [3204:3244] 000007fef08210f0
Thread C:\Windows\System32\WUDFHost.exe [5056:5280] 000007fee78624a0
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
One more thing I forgot: GData
Code:
Ihr Rechner wurden von einem entfernten Rechner auf offene Internet-Dienste (Ports) abgetastet. Die Firewall hat diesen Angriff unterbunden.
Netzwerk Info:
Netzwerk : LAN-Verbindung 2
Entfernter Rechner : 193.175.234.83 (nugo.dife.de)

Did you really receive all 5 logs now? Thanks and regards, Masin |
09.07.2014, 18:15 | #7 |
/// the machine /// TB Trainer | Very slow program start hi, scan with Combofix
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
09.07.2014, 19:10 | #8 |
| Very slow program start Unfortunately Combofix cannot be started - the version is not compatible with the running Windows version. I have a 24-bit system; what should I do now? Regards, Masin |
10.07.2014, 14:56 | #9 |
/// the machine /// TB Trainer | Very slow program start 24? You mean 64? You have a perfectly ordinary Win 7 64-bit, CF has to run on that. Error message? |
10.07.2014, 15:54 | #10 |
| Very slow program start Of course 24 was nonsense, I made a typo. I downloaded CF and saved it on the desktop. When I try to start it as administrator (which is not required, though), the error message reads: "C:\...\Desktop\Combofix.exe" konnte nicht gefunden werden. Stellen Sie sicher, dass Sie den Namen richtig eingegeben haben und wiederholen Sie den Vorgang. If I start it normally with a double-click, this appears: Die Version dieser Datei ist nicht mit der ausgeführten Windows-Version kompatibel. Öffnen Sie die Systeminformation des Computers, um zu überprüfen, ob eine x86-(32 Bit)- oder eine x64-(64 Bit)-Version des Programms erforderlich ist, und wenden Sie sich anschließend an den Herausgeber der Software Regards, Masin |
11.07.2014, 11:06 | #11 |
/// the machine /// TB Trainer | Very slow program start Please show me a screenshot of that, including the whole desktop. |
11.07.2014, 11:36 | #12 |
| Very slow program start I'm not sure whether the screenshots are visible to you. If not, please tell me another way to insert them. Regards, Masin |
12.07.2014, 07:36 | #13 |
/// the machine /// TB Trainer | Very slow program start very strange. Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your protection software to avoid possible conflicts.
and a fresh FRST log please. |
12.07.2014, 10:39 | #14 |
| Very slow program start Hello schrauber, here are the files: Have a nice weekend! masin Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 12.07.2014
Suchlauf-Zeit: 09:56:30
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.07.12.01
Rootkit Datenbank: v2014.07.09.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: HDS

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 395646
Verstrichene Zeit: 30 Min, 49 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 1
PUP.Optional.InstallMonetizer, C:\Users\HDS\AppData\Local\Temp\nsv6D83.tmp\nsBaliWeb.dll, In Quarantäne, [1988ddc1dd9e9d99d839103f50b2be42],

Physische Sektoren: 0
(No malicious items detected)

(end)

Code:
# AdwCleaner v3.215 - Bericht erstellt am 12/07/2014 um 10:51:19
# Aktualisiert 09/07/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : HDS - HDS-NEU2
# Gestartet von : C:\Users\HDS\Desktop\adwcleaner_3.215.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17207

-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\llz1tcco.default\prefs.js ]

[ Datei : C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [1153 octets] - [12/07/2014 10:50:07]
AdwCleaner[S0].txt - [1075 octets] - [12/07/2014 10:51:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1135 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by HDS on 12.07.2014 at 10:39:28,18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ FireFox

Emptied folder: C:\Users\HDS\AppData\Roaming\mozilla\firefox\profiles\l63f1fcz.default\minidumps [20 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.07.2014 at 10:45:39,28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile: FRST Logfile: |
12.07.2014, 10:40 | #15 |
| Very slow program start Sorry, I posted the frst.txt incorrectly. FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-07-2014 Ran by HDS (administrator) on HDS-NEU2 on 12-07-2014 11:00:54 Running from C:\Users\HDS\Downloads Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials ==================== Processes (Whitelisted) ================= (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe () C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe () C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe () C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe () C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe () C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe () C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe (Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe (freenet.de GmbH) C:\Program Files (x86)\freenetMail Dateimanager\DBDDsktDrvTrayApp.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Logitech, Inc.) 
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8067616 2009-08-18] (Realtek Semiconductor) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-05-17] (Advanced Micro Devices, Inc.) 
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1756792 2014-05-20] (G Data Software AG) HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2014-01-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation) HKLM-x32\...\Run: [Adobe Photo Downloader] => C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe [67488 2007-09-11] (Adobe Systems Incorporated) HKLM-x32\...\Run: [freenet.de Dateimanager Taskleistensymbol] => C:\Program Files (x86)\freenetMail Dateimanager\DBDDsktDrvTrayApp.exe [142336 2009-01-22] (freenet.de GmbH) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe, Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) 
HKU\S-1-5-21-1477405295-139641872-1139874065-1005\...\Run: [dradio-RecorderTimer] => C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe [41472 2012-04-03] () HKU\S-1-5-21-1477405295-139641872-1139874065-1005\...\Run: [] => [X] HKU\S-1-5-21-1477405295-139641872-1139874065-1005\...\MountPoints2: {0eb18823-749a-11e3-9f74-806e6f6e6963} - F:\Autoplay.exe -auto Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled () ShellIconOverlayIdentifiers: AcronisSyncError -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll () ShellIconOverlayIdentifiers: AcronisSyncInProgress -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll () ShellIconOverlayIdentifiers: AcronisSyncOk -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll () BootExecute: autocheck autochk * auto_reactivate \\?\Volume{0eb18820-749a-11e3-9f74-806e6f6e6963}\bootwiz\asrm.bin ==================== Internet (Whitelisted) ==================== ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: localhost:8088 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM - DefaultScope {71CA019B-6980-4703-BBEF-AAA0CC218409} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKLM - {71CA019B-6980-4703-BBEF-AAA0CC218409} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKLM-x32 - DefaultScope value is missing. 
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: PrintEco - {BEB54677-E12F-44E7-AC7E-48241B866B5F} - C:\Program Files (x86)\PrintEco\PrintEco Office\adxloader64.dll () BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: PrintEco - {BEB54677-E12F-44E7-AC7E-48241B866B5F} - C:\Program Files (x86)\PrintEco\PrintEco Office\adxloader.dll () BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: 127.0.0.1 google-analytics.com Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default FF DefaultSearchEngine: Wikipedia (de) FF SelectedSearchEngine: Wikipedia (de) FF Homepage: about:home FF NetworkProxy: "ftp", "87.250.52.230" FF NetworkProxy: "ftp_port", 8080 FF NetworkProxy: "http", "87.250.52.230" FF NetworkProxy: "http_port", 8080 FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co" FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "socks", "87.250.52.230" FF NetworkProxy: "socks_port", 8080 FF NetworkProxy: "ssl", "87.250.52.230" FF NetworkProxy: "ssl_port", 8080 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.) 
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKCU: @phonostar.de/phonostar - C:\Program Files (x86)\dradio-Recorder\npphonostarDetectNP.dll No File FF SearchPlugin: C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\searchplugins\wikipdia-fr.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: FRITZ!Box AddOn - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\fb_add_on@avm.de [2014-01-04] FF Extension: Nokia Maps 3D browser plugin - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\maps@ovi.com [2014-01-04] FF Extension: WOT - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-01-12] FF Extension: DownloadHelper - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26] FF Extension: anonymoX - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\client@anonymox.net.xpi [2014-01-04] FF Extension: Preispilot - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\extension@preispilot.com.xpi [2014-01-04] FF Extension: CleanTube - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\jid0-Oh6YfHwkh8Cb1Y4efKhBukwKfB0@jetpack.xpi [2014-01-04] FF Extension: Safe Preview - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\safepreview@everhelper.me.xpi [2014-01-07] FF Extension: Stealthy - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\stealthyextension@gmail.com.xpi [2014-01-04] FF 
Extension: Webutation - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi [2014-01-07] FF Extension: Google Analytics Opt-out Browser Add-on - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2014-01-04] FF Extension: NoScript - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-01] FF Extension: Youtube Converter MP3 - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a5}.xpi [2014-01-04] FF Extension: Go To Google - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{BCC877E7-7F3F-4632-8338-DAEE4475DE35}.xpi [2014-01-04] FF Extension: Adblock Plus - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-04] FF Extension: Fox!Box - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi [2014-01-04] FF Extension: QuickJava - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2014-01-04] FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-04] FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-01-16] FF HKLM-x32\...\Firefox\Extensions: 
[ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-01-16] FF HKLM-x32\...\Firefox\Extensions: [jid0-1wPBLrijxGVkIUhu0kFYq6ZaWzA@jetpack] - C:\Program Files (x86)\AntiBrowserSpy\Addons\Firefox FF Extension: AntiBrowserSpy - SocialBlocker - C:\Program Files (x86)\AntiBrowserSpy\Addons\Firefox [2014-02-25] FF HKLM-x32\...\Firefox\Extensions: [firefox@printecosoftware.com] - C:\Program Files (x86)\PrintEco\PrintEco Office\firefox@printecosoftware.com.xpi FF Extension: PrintEco - C:\Program Files (x86)\PrintEco\PrintEco Office\firefox@printecosoftware.com.xpi [2014-03-17] ==================== Services (Whitelisted) ================= S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-01-06] (Adobe Systems) [File not signed] R2 AdobeActiveFileMonitor6.0; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] () R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-05-27] (G Data Software AG) R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG) R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2683760 2014-05-20] (G Data Software AG) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed] R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-27] (Freemake) [File not signed] S4 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-01-13] (Ellora Assets Corp.) 
[File not signed] R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3203392 2014-05-20] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG) R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG) R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed] R2 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2155848 2011-11-15] () R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed] S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) S3 Mtpip000ode; No ImagePath ==================== Drivers (Whitelisted) ==================== R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH) R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [899328 2009-06-10] (AVM Berlin) R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-07-03] (G Data Software AG) R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2014-07-03] (G Data Software AG) R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [142336 2014-07-03] (G Data Software AG) R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64000 2014-07-03] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64000 2014-07-03] (G Data Software AG) R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-03-06] (G Data Software) R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [61440 2014-07-03] (G Data Software AG) S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM 
Incorporated) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-12] (Malwarebytes Corporation) R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.) R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation) R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation) S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-01-04] (Acronis International GmbH) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-01-04] (Acronis International GmbH) R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-01-04] (Acronis International GmbH) S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; \??\c:\program files\my dell\pcdsrvc_x64.pkms [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-12 11:00 - 2014-07-12 11:00 - 00022580 _____ () C:\Users\HDS\Downloads\FRST.txt 2014-07-12 10:59 - 2014-07-12 11:00 - 02084864 _____ (Farbar) C:\Users\HDS\Downloads\FRST64.exe 2014-07-12 10:45 - 2014-07-12 10:45 - 00000887 _____ () C:\Users\HDS\Desktop\JRT.txt 2014-07-12 10:38 - 2014-07-12 10:38 - 01016261 _____ (Thisisu) C:\Users\HDS\Desktop\JRT.exe 2014-07-12 10:13 - 2014-07-12 10:48 - 01348263 _____ () C:\Users\HDS\Desktop\adwcleaner_3.215.exe 2014-07-12 09:56 - 2014-07-12 09:56 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-12 09:56 - 2014-07-12 09:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-12 09:55 - 2014-07-12 09:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-12 09:55 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-12 
09:55 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-12 09:55 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-11 12:01 - 2014-07-11 12:01 - 00000000 ____D () C:\Users\HDS\Documents\Canon Utilities 2014-07-09 19:58 - 2014-07-09 19:58 - 05216105 _____ () C:\Users\HDS\Desktop\ComboFix.exe 2014-07-09 07:59 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-09 07:59 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-09 07:59 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-09 07:59 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 07:59 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-09 07:59 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-09 07:59 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-09 07:59 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-09 07:59 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-09 07:59 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-09 07:59 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-09 07:59 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-09 07:59 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-09 07:59 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-09 07:59 - 2014-06-19 02:26 - 00598016 
_____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-09 07:59 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-09 07:59 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-09 07:59 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-09 07:59 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-09 07:59 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-09 07:59 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-09 07:59 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-09 07:59 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-09 07:59 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-09 07:59 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-09 07:59 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-09 07:59 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-09 07:59 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-09 07:59 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-09 07:59 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-09 07:59 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-09 07:59 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-09 07:59 - 2014-06-19 
01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-09 07:59 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-09 07:59 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-09 07:59 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-09 07:59 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-09 07:59 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-09 07:59 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-09 07:59 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-09 07:59 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-09 07:59 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 07:59 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-09 07:59 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-09 07:59 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-09 07:59 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-09 07:59 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-09 07:59 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-09 07:59 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-09 07:59 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-09 07:59 - 2014-06-19 00:46 - 
01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-09 07:59 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-09 07:59 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-09 07:59 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-09 07:59 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-09 07:59 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-09 07:59 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-09 07:59 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-09 07:59 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-09 07:59 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-09 07:59 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-09 07:59 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-09 07:59 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-09 07:59 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-09 07:54 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-07-09 07:54 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-07-09 07:54 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-07-09 07:54 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-07-09 07:54 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) 
C:\Windows\system32\wdigest.dll 2014-07-09 07:54 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-07-09 07:54 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-07-09 07:54 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-09 07:54 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-09 07:54 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-09 07:54 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-09 07:54 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-09 07:54 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-09 07:54 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-09 07:49 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-09 07:49 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-09 07:49 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-07 21:51 - 2014-07-07 21:51 - 909476139 _____ () C:\Windows\MEMORY.DMP 2014-07-07 21:51 - 2014-07-07 21:51 - 00455752 _____ () C:\Windows\Minidump\070714-46347-01.dmp 2014-07-07 21:51 - 2014-07-07 21:51 - 00000000 ____D () C:\Windows\Minidump 2014-07-07 20:23 - 2014-07-07 20:23 - 00003301 _____ () C:\Users\HDS\Desktop\Gmer.txt 2014-07-07 18:41 - 2014-07-12 11:01 - 00000000 ____D () C:\FRST 2014-07-07 18:36 - 2014-07-07 18:36 - 00000000 _____ () C:\Users\HDS\defogger_reenable 2014-07-07 15:11 - 2014-07-07 15:11 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Thunderbird 2014-07-07 13:11 - 2014-07-07 13:11 - 00002098 _____ () 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2014-07-07 13:11 - 2014-07-07 13:11 - 00002086 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk 2014-07-07 13:11 - 2014-07-07 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-07-07 12:38 - 2014-07-07 12:38 - 00000000 ____D () C:\Users\HDS\AppData\Local\Thunderbird 2014-07-03 08:56 - 2014-07-03 08:56 - 00000000 ____D () C:\Users\HDS\AppData\Local\G DATA 2014-07-03 08:41 - 2014-07-03 08:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity 2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreemakeVideoConverter 2014-07-02 11:05 - 2014-07-02 11:05 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake 2014-06-28 15:09 - 2014-07-03 16:49 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\DropboxMaster 2014-06-24 14:22 - 2014-06-24 14:22 - 00001132 _____ () C:\Users\Public\Desktop\freenetMail Dateimanager.lnk 2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\freenet 2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freenetMail Dateimanager 2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\freenet 2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Program Files (x86)\freenetMail Dateimanager 2014-06-20 07:47 - 2014-06-20 07:47 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreeOCR 2014-06-20 07:44 - 2014-06-20 07:47 - 00000000 ____D () C:\FreeOCR 2014-06-20 07:44 - 2014-06-20 07:44 - 00000590 _____ () C:\Users\HDS\Desktop\FreeOCR.lnk 2014-06-20 07:44 - 2014-06-20 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR 2014-06-20 07:44 - 2007-03-10 10:11 - 02680320 _____ (HiComponents) C:\Windows\SysWOW64\ImageEnXLibrary.ocx 2014-06-20 07:43 - 2014-06-20 08:40 - 00000000 ____D () 
C:\Users\HDS\Documents\Add-in Express 2014-06-20 07:43 - 2014-06-20 07:43 - 00000000 ____D () C:\Program Files (x86)\PrintEco 2014-06-18 16:12 - 2014-06-18 16:18 - 00000000 ____D () C:\Users\HDS\Documents\Fax 2014-06-18 09:46 - 2014-06-18 09:46 - 00003090 _____ () C:\Windows\System32\Tasks\{05AE3A2C-E679-448E-AB6E-97F7FFBF0FD5} 2014-06-17 12:09 - 2014-06-17 12:09 - 00001119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 6.0.lnk 2014-06-17 12:09 - 2014-06-17 12:09 - 00001107 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 6.0.lnk 2014-06-17 12:06 - 2014-06-17 12:06 - 01628920 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxsfs.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00547576 ____N (Sonic Solutions) C:\Windows\SysWOW64\px.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00510712 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxdrv.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00379640 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxwave.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00187128 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxmas.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00129784 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxafs.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00118520 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsi64.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00116472 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpyi64.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00072440 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxhpinst.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsa64.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpya64.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00052856 ____N (Sonic Solutions) C:\Windows\system32\Drivers\PxHlpa64.sys 2014-06-17 12:06 - 2014-06-17 12:06 - 00039672 ____N (Sonic Solutions) C:\Windows\SysWOW64\vxblock.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) 
C:\Windows\system32\Drivers\cdralw2k.sys
2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys
2014-06-13 20:21 - 2014-06-13 20:21 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\eXPert PDF 5
2014-06-13 17:19 - 2014-06-16 17:26 - 00000000 ____D () C:\Users\HDS\AppData\Local\Adobe

==================== One Month Modified Files and Folders =======

2014-07-12 11:01 - 2014-07-12 11:00 - 00022580 _____ () C:\Users\HDS\Downloads\FRST.txt
2014-07-12 11:01 - 2014-07-07 18:41 - 00000000 ____D () C:\FRST
2014-07-12 11:00 - 2014-07-12 10:59 - 02084864 _____ (Farbar) C:\Users\HDS\Downloads\FRST64.exe
2014-07-12 11:00 - 2009-07-14 06:45 - 00018816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-12 11:00 - 2009-07-14 06:45 - 00018816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-12 10:53 - 2014-01-05 13:18 - 00000000 ____D () C:\Users\HDS\AppData\Local\HTC MediaHub
2014-07-12 10:53 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-12 10:53 - 2009-07-14 06:51 - 00060309 _____ () C:\Windows\setupact.log
2014-07-12 10:52 - 2014-01-04 11:59 - 00263276 _____ () C:\Windows\PFRO.log
2014-07-12 10:51 - 2014-04-23 17:06 - 00000000 ____D () C:\AdwCleaner
2014-07-12 10:51 - 2014-01-03 19:14 - 01580324 _____ () C:\Windows\WindowsUpdate.log
2014-07-12 10:48 - 2014-07-12 10:13 - 01348263 _____ () C:\Users\HDS\Desktop\adwcleaner_3.215.exe
2014-07-12 10:45 - 2014-07-12 10:45 - 00000887 _____ () C:\Users\HDS\Desktop\JRT.txt
2014-07-12 10:38 - 2014-07-12 10:38 - 01016261 _____ (Thisisu) C:\Users\HDS\Desktop\JRT.exe
2014-07-12 10:33 - 2014-04-23 15:42 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-12 10:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2014-07-12 10:28 - 2014-01-04 14:48 - 00000884 _____ ()
C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-12 10:27 - 2014-01-04 13:52 - 00001617 _____ () C:\Windows\BRRBCOM.INI 2014-07-12 09:56 - 2014-07-12 09:56 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-12 09:56 - 2014-07-12 09:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-12 09:56 - 2014-07-12 09:55 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-11 18:45 - 2014-01-14 16:49 - 00017920 _____ () C:\Users\HDS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-07-11 12:41 - 2014-01-05 11:34 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\CoreFTP 2014-07-11 12:01 - 2014-07-11 12:01 - 00000000 ____D () C:\Users\HDS\Documents\Canon Utilities 2014-07-10 19:18 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat 2014-07-10 19:18 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat 2014-07-10 19:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-10 13:51 - 2014-01-04 09:54 - 00000000 ____D () C:\ProgramData\Adobe 2014-07-10 12:44 - 2014-01-04 17:50 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Adobe 2014-07-10 08:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-07-10 07:36 - 2009-07-14 06:45 - 00369552 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-10 07:34 - 2014-06-04 05:15 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-10 07:34 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-10 07:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-07-10 07:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-07-09 21:52 - 2014-01-05 09:57 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-09 21:52 - 2014-01-04 10:06 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-07-09 21:48 - 2014-01-05 09:57 - 96441528 _____ (Microsoft Corporation) 
C:\Windows\system32\MRT.exe 2014-07-09 19:58 - 2014-07-09 19:58 - 05216105 _____ () C:\Users\HDS\Desktop\ComboFix.exe 2014-07-09 19:28 - 2014-01-04 14:48 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-09 19:28 - 2014-01-04 14:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-09 19:28 - 2014-01-03 19:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-07 21:51 - 2014-07-07 21:51 - 909476139 _____ () C:\Windows\MEMORY.DMP 2014-07-07 21:51 - 2014-07-07 21:51 - 00455752 _____ () C:\Windows\Minidump\070714-46347-01.dmp 2014-07-07 21:51 - 2014-07-07 21:51 - 00000000 ____D () C:\Windows\Minidump 2014-07-07 21:51 - 2014-01-03 20:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-07-07 20:23 - 2014-07-07 20:23 - 00003301 _____ () C:\Users\HDS\Desktop\Gmer.txt 2014-07-07 18:36 - 2014-07-07 18:36 - 00000000 _____ () C:\Users\HDS\defogger_reenable 2014-07-07 18:36 - 2014-01-04 17:50 - 00000000 ____D () C:\Users\HDS 2014-07-07 15:11 - 2014-07-07 15:11 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Thunderbird 2014-07-07 13:11 - 2014-07-07 13:11 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2014-07-07 13:11 - 2014-07-07 13:11 - 00002086 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk 2014-07-07 13:11 - 2014-07-07 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-07-07 12:38 - 2014-07-07 12:38 - 00000000 ____D () C:\Users\HDS\AppData\Local\Thunderbird 2014-07-05 08:19 - 2014-01-05 11:57 - 00001841 _____ () C:\Windows\system32\TeamViewer9_Hooks.log 2014-07-05 08:19 - 2014-01-05 11:56 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-07-05 08:19 - 2014-01-05 11:56 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk 2014-07-03 21:36 - 2014-04-05 16:09 - 00000000 ___RD () C:\Users\HDS\Dropbox 
2014-07-03 16:52 - 2014-04-05 16:06 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Dropbox 2014-07-03 16:49 - 2014-06-28 15:09 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\DropboxMaster 2014-07-03 08:56 - 2014-07-03 08:56 - 00000000 ____D () C:\Users\HDS\AppData\Local\G DATA 2014-07-03 08:41 - 2014-07-03 08:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity 2014-07-03 08:41 - 2014-04-10 14:04 - 00020992 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBFlt64.sys 2014-07-03 08:41 - 2014-04-10 14:04 - 00001978 _____ () C:\Users\Public\Desktop\G Data InternetSecurity.lnk 2014-07-03 08:41 - 2014-01-03 20:03 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys 2014-07-03 08:41 - 2014-01-03 20:02 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys 2014-07-03 08:41 - 2014-01-03 20:02 - 00061440 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys 2014-07-03 08:40 - 2014-01-05 13:17 - 00053328 _____ () C:\Windows\DPINST.LOG 2014-07-03 08:40 - 2014-01-03 20:02 - 00142336 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys 2014-07-03 08:40 - 2014-01-03 20:02 - 00055808 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys 2014-07-02 17:31 - 2014-01-05 10:50 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\vlc 2014-07-02 14:01 - 2014-01-22 18:39 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\KeePass 2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreemakeVideoConverter 2014-07-02 11:05 - 2014-07-02 11:05 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake 2014-07-02 11:05 - 2014-01-16 16:28 - 00001320 _____ () C:\Users\Public\Desktop\Freemake Video Converter.lnk 2014-07-02 11:05 - 2014-01-16 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake 2014-06-30 04:09 - 2014-07-09 07:59 - 00519168 _____ 
(Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-30 04:04 - 2014-07-09 07:59 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-29 16:14 - 2014-01-05 11:58 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Skype 2014-06-29 13:30 - 2014-03-28 18:36 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-06-29 13:30 - 2014-01-05 11:58 - 00000000 ____D () C:\ProgramData\Skype 2014-06-28 15:09 - 2014-04-05 16:09 - 00001011 _____ () C:\Users\HDS\Desktop\Dropbox.lnk 2014-06-24 14:22 - 2014-06-24 14:22 - 00001132 _____ () C:\Users\Public\Desktop\freenetMail Dateimanager.lnk 2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\freenet 2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freenetMail Dateimanager 2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\freenet 2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Program Files (x86)\freenetMail Dateimanager 2014-06-20 22:14 - 2014-07-09 07:59 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-06-20 21:39 - 2014-07-09 07:59 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-06-20 08:40 - 2014-06-20 07:43 - 00000000 ____D () C:\Users\HDS\Documents\Add-in Express 2014-06-20 07:47 - 2014-06-20 07:47 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreeOCR 2014-06-20 07:47 - 2014-06-20 07:44 - 00000000 ____D () C:\FreeOCR 2014-06-20 07:44 - 2014-06-20 07:44 - 00000590 _____ () C:\Users\HDS\Desktop\FreeOCR.lnk 2014-06-20 07:44 - 2014-06-20 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR 2014-06-20 07:43 - 2014-06-20 07:43 - 00000000 ____D () C:\Program Files (x86)\PrintEco 2014-06-19 03:39 - 2014-07-09 07:59 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-19 03:06 - 2014-07-09 07:59 - 02724864 _____ (Microsoft Corporation) 
C:\Windows\system32\mshtml.tlb 2014-06-19 03:06 - 2014-07-09 07:59 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-19 02:48 - 2014-07-09 07:59 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-19 02:42 - 2014-07-09 07:59 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-19 02:42 - 2014-07-09 07:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-19 02:41 - 2014-07-09 07:59 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-06-19 02:41 - 2014-07-09 07:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-19 02:32 - 2014-07-09 07:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-19 02:31 - 2014-07-09 07:59 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-19 02:26 - 2014-07-09 07:59 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-19 02:24 - 2014-07-09 07:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-19 02:24 - 2014-07-09 07:59 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-19 02:23 - 2014-07-09 07:59 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-19 02:16 - 2014-07-09 07:59 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-19 02:14 - 2014-07-09 07:59 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-19 02:09 - 2014-07-09 07:59 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-19 01:59 - 2014-07-09 07:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-19 01:56 - 2014-07-09 07:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-19 01:53 - 2014-07-09 07:59 - 00195584 _____ 
(Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-19 01:51 - 2014-07-09 07:59 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-19 01:50 - 2014-07-09 07:59 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-19 01:48 - 2014-07-09 07:59 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-19 01:39 - 2014-07-09 07:59 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-19 01:38 - 2014-07-09 07:59 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-19 01:37 - 2014-07-09 07:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-19 01:36 - 2014-07-09 07:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-19 01:35 - 2014-07-09 07:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-06-19 01:33 - 2014-07-09 07:59 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-19 01:32 - 2014-07-09 07:59 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-19 01:28 - 2014-07-09 07:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-19 01:28 - 2014-07-09 07:59 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-19 01:27 - 2014-07-09 07:59 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-19 01:27 - 2014-07-09 07:59 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-19 01:25 - 2014-07-09 07:59 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-19 01:23 - 2014-07-09 07:59 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-19 01:22 - 2014-07-09 07:59 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-19 01:12 - 2014-07-09 07:59 - 00367616 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-19 01:06 - 2014-07-09 07:59 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-19 01:01 - 2014-07-09 07:59 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-19 00:59 - 2014-07-09 07:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-19 00:58 - 2014-07-09 07:59 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-19 00:58 - 2014-07-09 07:59 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-19 00:52 - 2014-07-09 07:59 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-19 00:51 - 2014-07-09 07:59 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-19 00:49 - 2014-07-09 07:59 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-19 00:46 - 2014-07-09 07:59 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-19 00:45 - 2014-07-09 07:59 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-19 00:35 - 2014-07-09 07:59 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-19 00:34 - 2014-07-09 07:59 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-19 00:15 - 2014-07-09 07:59 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-19 00:13 - 2014-07-09 07:59 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-19 00:09 - 2014-07-09 07:59 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-19 00:07 - 2014-07-09 07:59 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-18 17:58 - 2014-01-04 12:07 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-06-18 16:18 - 2014-06-18 16:12 - 00000000 ____D () C:\Users\HDS\Documents\Fax 
2014-06-18 09:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help 2014-06-18 09:46 - 2014-06-18 09:46 - 00003090 _____ () C:\Windows\System32\Tasks\{05AE3A2C-E679-448E-AB6E-97F7FFBF0FD5} 2014-06-18 09:43 - 2014-01-04 13:21 - 00002669 _____ () C:\Users\Public\Desktop\TAXMAN 2014 spezial.lnk 2014-06-18 09:43 - 2014-01-03 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware 2014-06-18 04:18 - 2014-07-09 07:59 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-06-18 03:51 - 2014-07-09 07:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-06-18 03:10 - 2014-07-09 07:59 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-06-17 12:14 - 2014-01-04 17:50 - 00096280 _____ () C:\Users\HDS\AppData\Local\GDIPFONTCACHEV1.DAT 2014-06-17 12:09 - 2014-06-17 12:09 - 00001119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 6.0.lnk 2014-06-17 12:09 - 2014-06-17 12:09 - 00001107 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 6.0.lnk 2014-06-17 12:06 - 2014-06-17 12:06 - 01628920 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxsfs.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00547576 ____N (Sonic Solutions) C:\Windows\SysWOW64\px.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00510712 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxdrv.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00379640 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxwave.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00187128 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxmas.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00129784 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxafs.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00118520 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsi64.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00116472 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpyi64.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00072440 ____N (Sonic Solutions) 
C:\Windows\SysWOW64\pxhpinst.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsa64.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpya64.exe 2014-06-17 12:06 - 2014-06-17 12:06 - 00052856 ____N (Sonic Solutions) C:\Windows\system32\Drivers\PxHlpa64.sys 2014-06-17 12:06 - 2014-06-17 12:06 - 00039672 ____N (Sonic Solutions) C:\Windows\SysWOW64\vxblock.dll 2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys 2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys 2014-06-17 12:06 - 2014-01-04 11:53 - 00000209 _____ () C:\Windows\ODBCINST.INI 2014-06-17 12:06 - 2014-01-04 09:53 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-06-17 12:03 - 2014-02-19 18:37 - 00000000 ____D () C:\Users\Hans-Dieter\AppData\Roaming\Adobe 2014-06-17 12:03 - 2014-01-04 15:43 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe 2014-06-17 10:53 - 2014-03-27 18:12 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-17 10:53 - 2014-01-05 13:05 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-17 10:48 - 2014-03-27 18:12 - 00004118 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-17 10:48 - 2014-01-05 13:05 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-17 08:47 - 2014-01-18 14:52 - 00007906 _____ () C:\Users\HDS\Documents\capella.log 2014-06-16 17:26 - 2014-06-13 17:19 - 00000000 ____D () C:\Users\HDS\AppData\Local\Adobe 2014-06-15 15:50 - 2014-01-22 18:37 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk 2014-06-15 15:50 - 2014-01-22 18:37 - 00001105 _____ () C:\Users\HDS\Desktop\KeePass 2.lnk 2014-06-15 15:50 - 2014-01-22 18:37 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2 2014-06-15 12:53 - 2014-01-05 
10:30 - 00000000 ____D () C:\Users\HDS\Documents\MyHeritage
2014-06-13 20:21 - 2014-06-13 20:21 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\eXPert PDF 5
2014-06-13 20:17 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-06-13 07:12 - 2014-02-25 16:15 - 00000000 ____D () C:\Program Files (x86)\AntiBrowserSpy
2014-06-13 07:11 - 2014-06-03 18:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-12 17:21 - 2014-01-03 20:51 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-12 17:21 - 2014-01-03 20:51 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

Some content of TEMP:
====================
C:\Users\HDS\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\HDS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpl_pmpy.dll
C:\Users\HDS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsbry6o.dll
C:\Users\HDS\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.1.exe
C:\Users\HDS\AppData\Local\Temp\FreemakeVideoDownloader_3.6.2.3.exe
C:\Users\HDS\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\HDS\AppData\Local\Temp\Quarantine.exe
C:\Users\HDS\AppData\Local\Temp\vlc-2.1.4-win64.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-08 07:47

==================== End Of Log ============================ |