Windows 7, 64bit: Computer stürzt permanent ab, MBAM funktioniert nicht

cosinus · 12.09.2014, 14:09

Ja kann weg. Ich hab stark den Eindruck, dass diese Datei nach unserer Reinigung auf deinem Rechner kam. Bitte mal neue FRST-Logs erstellen und auch den TDSS-Killer:

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

oscar12 · 12.09.2014, 21:17

Hier ist der neue FRST-Log:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by Bettina (administrator) on PYTHAGORAS on 12-09-2014 20:44:25
Running from C:\Users\Bettina\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Hewlett-Packard Development Company, L.P) C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(ArcSoft, Inc.) C:\Windows\system\uArcCapture.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\audiosrv.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [1691192 2010-06-19] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-04-05] (Hewlett-Packard)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [489472 2011-07-18] (IDT, Inc.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-10-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-11] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-19] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bettina\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bettina\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bettina\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bettina\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bettina\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bettina\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bettina\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO-x32: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - No Name - !{6c97a91e-4524-4019-86af-2aa2d567bf5c} -  No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{FFEF7A5B-F28D-4482-B9F5-75DB502B8A8F}: [NameServer] 131.130.1.11 131.130.1.12

FireFox:
========
FF ProfilePath: C:\Users\Bettina\AppData\Roaming\Mozilla\Firefox\Profiles\vvoo18iw.default-1400140805352
FF Homepage: www.fitnessart.at
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.0.3942197\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Microsoft PenInputPanel Control - C:\Users\Bettina\AppData\Roaming\Mozilla\Firefox\Profiles\vvoo18iw.default-1400140805352\Extensions\{801CD4C0-59CB-E084-E067-151FC7D1AF10} [2014-09-08]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2012-07-02]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKLM-x32\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt
FF Extension: Wondershare Video Converter Ultimate - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt [2013-09-04]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-01-01]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-01-01]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-11]
FF HKCU\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR NewTab: Default -> "chrome-extension://oocaehgghkpmfmafjenhhnkbfdjjbkic/config/skin/new-tab.html"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll No File
CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\gears.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Users\Bettina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Microsoft PenInputPanel Control) - C:\Users\Bettina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-08-14]
CHR Extension: (Google Docs) - C:\Users\Bettina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-22]
CHR Extension: (Google Drive) - C:\Users\Bettina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-22]
CHR Extension: (YouTube) - C:\Users\Bettina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-22]
CHR Extension: (Wondershare Video Converter Ultimate) - C:\Users\Bettina\AppData\Local\Google\Chrome\User Data\Default\Extensions\chgdeabpmphfhkoemjjglmilajldekbp [2014-02-22]
CHR Extension: (Google-Suche) - C:\Users\Bettina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-22]
CHR Extension: (DivX HiQ) - C:\Users\Bettina\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2011-05-16]
CHR Extension: (ORF-TVthek - Downloader) - C:\Users\Bettina\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgfnehdmbbmcahojnebecpiljbkeaele [2014-02-22]
CHR Extension: (Google Wallet) - C:\Users\Bettina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-22]
CHR Extension: (DivX Plus Web Player HTML5 video>) - C:\Users\Bettina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-05-16]
CHR Extension: (Google Mail) - C:\Users\Bettina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-22]
CHR HKLM-x32\...\Chrome\Extension: [caeaobpemokdfnidgaebncaooofnbfha] - C:\Users\Bettina\ChromeExtensions\caeaobpemokdfnidgaebncaooofnbfha\amazon-icon-fwde.crx [2014-08-31]
CHR HKLM-x32\...\Chrome\Extension: [chgdeabpmphfhkoemjjglmilajldekbp] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRChromePlugin.crx [2014-01-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-11] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R3 DEBridge; c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [704512 2009-12-16] (McAfee, Inc.) [File not signed]
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [462160 2010-07-16] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [362040 2009-11-17] (Hewlett-Packard Ltd)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2010-12-17] (Macrovision Europe Ltd.) [File not signed]
R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2010-12-17] (Macrovision Europe Ltd.) [File not signed]
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [103936 2013-12-12] (Freemake) [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-12-12] (Ellora Assets Corp.) [File not signed]
R2 HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [32768 2010-10-19] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [90112 2010-05-10] (Hewlett-Packard Company) [File not signed]
R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192 2009-12-16] (McAfee, Inc.)
R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [297984 2009-12-12] (Hewlett-Packard) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [280120 2010-10-01] (Hewlett-Packard Company)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 uArcCapture; C:\windows\system\uArcCapture.exe [506472 2009-12-04] (ArcSoft, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32640 2009-12-04] (ArcSoft, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-11] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-09-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-11] ()
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [40760 2009-10-21] (Hewlett-Packard Development Company L.P.)
S3 mbamchameleon; C:\windows\system32\drivers\mbamchameleon.sys [91352 2014-05-12] (Malwarebytes Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R1 RsvLock; C:\Windows\System32\Drivers\RsvLock.sys [58184 2009-12-16] (McAfee, Inc.)
R1 RsvLock; C:\Windows\SysWow64\Drivers\RsvLock.sys [40088 2009-12-16] (McAfee, Inc.)
R0 SafeBoot; C:\Windows\System32\Drivers\SafeBoot.sys [56648 2009-12-16] () [File not signed]
R0 SafeBoot; C:\Windows\SysWow64\Drivers\SafeBoot.sys [110520 2009-12-16] (McAfee, Inc.)
R0 SbAlg; C:\Windows\System32\Drivers\SbAlg.sys [60160 2009-06-04] (McAfee, Inc.)
R0 SbAlg; C:\Windows\SysWow64\Drivers\SbAlg.sys [51800 2009-12-16] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\System32\Drivers\SbFsLock.sys [15688 2009-12-16] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\SysWow64\Drivers\SbFsLock.sys [13256 2009-12-16] (McAfee, Inc.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1803904 2009-12-19] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-03-12] (Cisco Systems, Inc.)
R3 WsAudio_Device; C:\Windows\System32\drivers\VirtualAudio.sys [31080 2013-03-25] (Wondershare)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-12 20:44 - 2014-09-12 20:45 - 00030031 _____ () C:\Users\Bettina\Desktop\FRST.txt
2014-09-12 15:24 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys
2014-09-12 15:24 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-09-12 15:24 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-09-12 15:24 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\MsRdpWebAccess.dll
2014-09-12 15:24 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\wksprtPS.dll
2014-09-12 15:24 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2014-09-12 15:24 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll
2014-09-12 15:24 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2014-09-12 15:24 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsRdpWebAccess.dll
2014-09-12 15:24 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wksprtPS.dll
2014-09-12 15:24 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2014-09-12 15:24 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2014-09-12 15:24 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2014-09-12 15:24 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-09-12 15:24 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2014-09-12 15:24 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-09-12 15:24 - 2013-10-01 22:57 - 06578176 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-09-12 15:24 - 2013-10-01 22:55 - 05698048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-09-12 15:23 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2014-09-12 15:23 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys
2014-09-12 15:23 - 2012-08-23 15:24 - 00015360 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2014-09-12 15:23 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpendp_winip.dll
2014-09-12 15:23 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\rdpendp_winip.dll
2014-09-12 15:23 - 2012-08-23 11:51 - 03174912 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-09-12 15:19 - 2012-05-04 13:00 - 00366592 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2014-09-12 15:19 - 2012-05-04 11:59 - 00514560 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2014-09-12 12:29 - 2014-09-12 20:44 - 00000000 ____D () C:\FRST
2014-09-12 12:28 - 2014-09-12 12:28 - 02105856 _____ (Farbar) C:\Users\Bettina\Desktop\FRST64.exe
2014-09-11 21:59 - 2014-09-11 21:59 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-11 21:58 - 2014-09-11 21:58 - 00001066 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-11 21:58 - 2014-09-11 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-11 21:58 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-09-11 21:58 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-09-11 21:58 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-09-11 21:56 - 2014-09-11 21:57 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Bettina\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-11 18:00 - 2014-09-11 18:00 - 05329480 _____ (Secunia) C:\Users\Bettina\Downloads\PSISetup.exe
2014-09-11 17:58 - 2014-09-11 17:58 - 00001033 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2014-09-11 17:56 - 2014-09-11 17:56 - 00001743 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-11 17:56 - 2014-09-11 17:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-11 17:55 - 2014-09-11 17:55 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-11 17:55 - 2014-09-11 17:55 - 00000000 ____D () C:\Program Files\iTunes
2014-09-11 17:55 - 2014-09-11 17:55 - 00000000 ____D () C:\Program Files\iPod
2014-09-11 17:55 - 2014-09-11 17:55 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-11 17:49 - 2014-09-11 17:49 - 05329480 _____ (Secunia) C:\Users\Bettina\Downloads\PSISetup_3.0.0.9016(1).exe
2014-09-11 17:46 - 2014-09-11 17:48 - 112794960 _____ (Apple Inc.) C:\Users\Bettina\Downloads\iTunes64Setup.exe
2014-09-11 17:32 - 2014-09-11 17:32 - 01728888 _____ (Microsoft Corporation) C:\Users\Bettina\Downloads\proof2010-kb2553272-fullfile-x64-en-us.exe
2014-09-11 17:32 - 2014-09-11 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-09-11 17:31 - 2014-09-11 17:31 - 02256152 _____ (Microsoft Corporation) C:\Users\Bettina\Downloads\WcPlugin.exe
2014-09-11 17:29 - 2014-09-11 17:29 - 00957248 _____ (DivX, LLC) C:\Users\Bettina\Downloads\DivXInstaller_913.exe
2014-09-11 17:24 - 2014-09-11 17:23 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-11 17:23 - 2014-09-11 17:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-11 17:22 - 2014-09-11 17:22 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-11 17:21 - 2014-09-11 17:22 - 33733032 _____ (Oracle Corporation) C:\Users\Bettina\Downloads\jre-8u20-windows-i586.exe
2014-09-11 16:42 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-09-11 16:42 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-09-11 16:42 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-09-11 16:42 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-09-11 16:42 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-09-11 16:42 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-09-11 16:42 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-09-11 16:42 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-09-11 16:42 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-09-11 16:42 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-09-11 16:42 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-09-11 16:42 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-09-11 16:42 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-09-11 16:42 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-09-11 16:42 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-09-11 16:42 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-09-11 16:42 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-09-11 16:42 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-09-11 16:42 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-09-11 16:42 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-09-11 16:42 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-09-11 16:42 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-09-11 16:42 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-09-11 16:42 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 16:42 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-09-11 16:42 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-09-11 16:42 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-09-11 16:42 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-09-11 16:42 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-09-11 16:42 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-09-11 16:42 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-09-11 16:42 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-09-11 16:42 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-09-11 16:42 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-09-11 16:42 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-09-11 16:42 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-09-11 16:42 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-09-11 16:42 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-09-11 16:42 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-09-11 16:42 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-09-11 16:42 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-09-11 16:42 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 16:42 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-09-11 16:42 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-09-11 16:42 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-09-11 16:42 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-09-11 16:42 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-09-11 16:42 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-09-11 16:42 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-09-11 16:42 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-09-11 16:42 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-09-11 16:42 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-09-11 16:42 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-09-11 16:42 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-09-11 16:42 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-09-11 16:42 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-09-11 16:27 - 2014-09-11 16:27 - 00000000 ____D () C:\Users\Bettina\AppData\Local\Secunia PSI
2014-09-11 16:27 - 2014-09-11 16:27 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-09-11 16:24 - 2014-09-11 16:24 - 05329480 _____ (Secunia) C:\Users\Bettina\Downloads\PSISetup_3.0.0.9016.exe
2014-09-11 16:24 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-09-11 16:24 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2014-09-11 16:21 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-09-11 16:21 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-09-11 16:14 - 2014-09-11 16:14 - 00001018 _____ () C:\Users\Public\Desktop\PDF-Viewer.lnk
2014-09-11 16:14 - 2014-09-11 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2014-09-11 16:11 - 2014-09-11 16:15 - 00000000 ____D () C:\Users\Bettina\Downloads\Neuer Ordner
2014-09-11 15:52 - 2014-09-11 15:56 - 00001776 _____ () C:\DelFix.txt
2014-09-11 15:44 - 2014-09-11 15:45 - 00000000 ___SD () C:\uninstall
2014-09-11 15:43 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2014-09-11 15:43 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2014-09-11 15:43 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-09-11 15:43 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-09-11 15:38 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-09-11 15:38 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-09-11 15:38 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-09-11 15:38 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-09-11 15:38 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-09-11 14:19 - 2014-09-11 14:19 - 00000000 ____D () C:\Users\Bettina\AppData\Roaming\AVAST Software
2014-09-11 14:18 - 2014-09-11 14:18 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-11 14:18 - 2014-09-11 14:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-11 14:17 - 2014-09-12 20:40 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-09-11 14:16 - 2014-09-11 14:17 - 00427360 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-09-11 14:16 - 2014-09-11 14:16 - 01041168 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-09-11 14:16 - 2014-09-11 14:16 - 00307344 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-09-11 14:16 - 2014-09-11 14:16 - 00224896 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-09-11 14:16 - 2014-09-11 14:16 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-09-11 14:16 - 2014-09-11 14:16 - 00092008 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2014-09-11 14:16 - 2014-09-11 14:16 - 00079184 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-09-11 14:16 - 2014-09-11 14:16 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-09-11 14:16 - 2014-09-11 14:16 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-09-11 14:16 - 2014-09-11 14:16 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-09-11 14:13 - 2014-09-11 14:13 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-11 14:12 - 2014-09-11 14:13 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-10 22:58 - 2014-09-11 23:13 - 00000000 ____D () C:\Users\Bettina\Downloads\HUM1_kompCheck_bearbeitet_final
2014-09-10 12:26 - 2014-09-10 12:26 - 00371152 _____ () C:\windows\Minidump\091014-37377-01.dmp
2014-09-10 12:24 - 2014-09-11 15:45 - 00000000 ____D () C:\windows\erdnt
2014-09-10 12:20 - 2014-09-10 13:02 - 00000000 ____D () C:\Users\Bettina\AppData\Roaming\Husaboub
2014-09-09 18:03 - 2014-09-09 18:03 - 00372216 _____ () C:\windows\Minidump\090914-35022-01.dmp
2014-09-09 14:56 - 2014-09-09 14:56 - 00637576 _____ () C:\windows\Minidump\090914-25272-01.dmp
2014-09-09 14:47 - 2014-09-09 14:47 - 00371256 _____ () C:\windows\Minidump\090914-32385-01.dmp
2014-09-09 14:28 - 2014-09-09 14:28 - 00370608 _____ () C:\windows\Minidump\090914-30888-01.dmp
2014-09-09 14:18 - 2014-09-09 14:18 - 00371264 _____ () C:\windows\Minidump\090914-37221-01.dmp
2014-09-09 12:42 - 2014-09-09 12:43 - 00371208 _____ () C:\windows\Minidump\090914-32011-01.dmp
2014-09-08 23:02 - 2014-09-11 21:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-08 21:54 - 2014-09-10 13:02 - 00000000 ____D () C:\Users\Bettina\AppData\Roaming\Yvuduf
2014-09-04 22:14 - 2014-09-04 22:14 - 00001496 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-09-04 22:14 - 2014-09-04 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-04 22:13 - 2014-09-04 22:14 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-04 22:13 - 2014-09-04 22:13 - 00000000 ____D () C:\Users\Bettina\AppData\Roaming\RHEng
2014-09-04 22:12 - 2014-09-04 22:15 - 00000000 ____D () C:\Users\Bettina\AppData\Roaming\DVDVideoSoft
2014-09-04 19:17 - 2014-09-11 15:52 - 00000000 ____D () C:\windows\ERUNT
2014-09-04 18:47 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-09-03 22:00 - 2014-09-03 22:00 - 00371560 _____ () C:\windows\Minidump\090314-24835-01.dmp
2014-09-03 21:24 - 2014-09-04 16:47 - 00000000 ____D () C:\Users\Bettina\AppData\Roaming\Ikcaca
2014-09-02 12:49 - 2014-09-02 13:00 - 00000000 ____D () C:\windows\rescache
2014-09-01 13:56 - 2014-09-01 13:57 - 00000000 ____D () C:\Users\Bettina\Documents\beschreibungenFitnessart_010914
2014-08-31 22:41 - 2014-08-31 22:41 - 00002104 _____ () C:\Users\Bettina\Desktop\worklist - Verknüpfung.lnk
2014-08-31 22:40 - 2014-09-08 11:46 - 00011092 _____ () C:\Users\Bettina\Documents\worklist.xlsx
2014-08-31 21:32 - 2014-08-31 21:32 - 00000000 ____D () C:\Users\Bettina\AppData\Local\Temp8ccb83a846465d0468720653c506f5ad
2014-08-31 21:29 - 2014-08-31 21:29 - 00000000 ____D () C:\Users\Bettina\ChromeExtensions
2014-08-31 21:29 - 2014-08-31 21:29 - 00000000 ____D () C:\Users\Bettina\AppData\Local\Temp239f1878deb182be20f2a6ccdb7a8c0f
2014-08-27 20:31 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-27 20:31 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-27 20:31 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-22 22:56 - 2014-08-22 23:25 - 00000000 ____D () C:\Users\Bettina\Documents\lettlandDrucken
2014-08-19 23:26 - 2014-08-19 23:26 - 00000000 ____D () C:\Users\Bettina\5
2014-08-17 19:44 - 2014-08-17 19:44 - 00000000 ____D () C:\Users\Bettina\AppData\Local\Skype
2014-08-17 19:43 - 2014-08-17 19:45 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-17 19:43 - 2014-08-17 19:43 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-08-17 19:43 - 2014-08-17 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-15 06:42 - 2014-08-15 06:43 - 00004286 _____ () C:\windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-08-15 00:11 - 2014-08-15 00:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-14 23:33 - 2014-08-14 23:33 - 00283048 _____ () C:\windows\Minidump\081414-25974-01.dmp
2014-08-14 22:36 - 2014-08-14 22:36 - 00266688 _____ () C:\windows\Minidump\081414-26676-01.dmp
2014-08-14 21:35 - 2014-08-14 21:35 - 00269032 _____ () C:\windows\Minidump\081414-33072-01.dmp
2014-08-14 20:33 - 2014-08-14 20:33 - 00274888 _____ () C:\windows\Minidump\081414-26254-01.dmp
2014-08-14 00:48 - 2014-09-08 16:34 - 00000000 ____D () C:\Users\Bettina\AppData\Local\AWCworks
2014-08-14 00:47 - 2014-09-08 23:44 - 00000000 ____D () C:\Users\Bettina\AppData\Local\Imsoft
2014-08-13 19:25 - 2014-08-13 19:25 - 00341848 _____ (DivX, LLC) C:\windows\SysWOW64\DivXControlPanelApplet.cpl
2014-08-13 15:05 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2014-08-13 15:05 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2014-08-13 15:05 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2014-08-13 15:05 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2014-08-13 15:05 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2014-08-13 15:05 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2014-08-13 15:05 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2014-08-13 15:05 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2014-08-13 14:02 - 2014-07-09 00:38 - 00419992 _____ () C:\windows\system32\locale.nls
2014-08-13 14:02 - 2014-07-09 00:30 - 00419992 _____ () C:\windows\SysWOW64\locale.nls
2014-08-13 14:01 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-08-13 14:01 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-08-13 14:01 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-08-13 14:01 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-08-13 14:01 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-08-13 14:01 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-08-13 14:01 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-08-13 14:01 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2014-08-13 14:01 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2014-08-13 14:01 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2014-08-13 14:01 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2014-08-13 14:01 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2014-08-13 14:01 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-08-13 14:01 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-08-13 14:01 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-08-13 14:01 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2014-08-13 14:01 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2014-08-13 14:01 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-08-13 14:01 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-08-13 14:01 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2014-08-13 14:00 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-08-13 14:00 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-08-13 13:58 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2014-08-13 13:58 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-12 20:45 - 2014-09-12 20:44 - 00030031 _____ () C:\Users\Bettina\Desktop\FRST.txt
2014-09-12 20:44 - 2014-09-12 12:29 - 00000000 ____D () C:\FRST
2014-09-12 20:40 - 2014-09-11 14:17 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-09-12 20:27 - 2012-09-12 07:55 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-09-12 20:21 - 2010-12-17 12:44 - 01848917 _____ () C:\windows\WindowsUpdate.log
2014-09-12 20:15 - 2009-07-14 06:45 - 00025648 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-12 20:15 - 2009-07-14 06:45 - 00025648 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-12 20:14 - 2010-09-04 00:13 - 00706866 _____ () C:\windows\system32\perfh007.dat
2014-09-12 20:14 - 2010-09-04 00:13 - 00153174 _____ () C:\windows\system32\perfc007.dat
2014-09-12 20:14 - 2009-07-14 07:13 - 01635912 _____ () C:\windows\system32\PerfStringBackup.INI
2014-09-12 20:06 - 2010-09-04 00:18 - 00000000 ____D () C:\ProgramData\HPQLOG
2014-09-12 20:05 - 2013-06-04 11:36 - 00044685 _____ () C:\windows\setupact.log
2014-09-12 20:05 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-09-12 15:32 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-12 15:27 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-09-12 15:25 - 2010-12-17 13:00 - 00008336 _____ () C:\windows\system32\RaCoInst.log
2014-09-12 15:24 - 2012-12-15 10:46 - 00000000 ____D () C:\Users\Bettina\AppData\Roaming\vlc
2014-09-12 15:22 - 2011-03-13 00:14 - 01613936 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-09-12 12:28 - 2014-09-12 12:28 - 02105856 _____ (Farbar) C:\Users\Bettina\Desktop\FRST64.exe
2014-09-12 12:10 - 2010-09-04 01:00 - 00864902 _____ () C:\windows\PFRO.log
2014-09-11 23:13 - 2014-09-10 22:58 - 00000000 ____D () C:\Users\Bettina\Downloads\HUM1_kompCheck_bearbeitet_final
2014-09-11 21:59 - 2014-09-11 21:59 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-11 21:58 - 2014-09-11 21:58 - 00001066 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-11 21:58 - 2014-09-11 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-11 21:58 - 2014-09-08 23:02 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-11 21:57 - 2014-09-11 21:56 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Bettina\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-11 18:00 - 2014-09-11 18:00 - 05329480 _____ (Secunia) C:\Users\Bettina\Downloads\PSISetup.exe
2014-09-11 17:58 - 2014-09-11 17:58 - 00001033 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2014-09-11 17:56 - 2014-09-11 17:56 - 00001743 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-11 17:56 - 2014-09-11 17:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-11 17:55 - 2014-09-11 17:55 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-11 17:55 - 2014-09-11 17:55 - 00000000 ____D () C:\Program Files\iTunes
2014-09-11 17:55 - 2014-09-11 17:55 - 00000000 ____D () C:\Program Files\iPod
2014-09-11 17:55 - 2014-09-11 17:55 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-11 17:49 - 2014-09-11 17:49 - 05329480 _____ (Secunia) C:\Users\Bettina\Downloads\PSISetup_3.0.0.9016(1).exe
2014-09-11 17:48 - 2014-09-11 17:46 - 112794960 _____ (Apple Inc.) C:\Users\Bettina\Downloads\iTunes64Setup.exe
2014-09-11 17:33 - 2011-05-16 21:05 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-09-11 17:33 - 2011-05-16 20:53 - 00000000 ____D () C:\ProgramData\DivX
2014-09-11 17:32 - 2014-09-11 17:32 - 01728888 _____ (Microsoft Corporation) C:\Users\Bettina\Downloads\proof2010-kb2553272-fullfile-x64-en-us.exe
2014-09-11 17:32 - 2014-09-11 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-09-11 17:32 - 2011-05-16 21:36 - 00000000 ____D () C:\Users\Bettina\AppData\Roaming\DivX
2014-09-11 17:32 - 2011-05-16 21:35 - 00000000 ____D () C:\Program Files\DivX
2014-09-11 17:31 - 2014-09-11 17:31 - 02256152 _____ (Microsoft Corporation) C:\Users\Bettina\Downloads\WcPlugin.exe
2014-09-11 17:29 - 2014-09-11 17:29 - 00957248 _____ (DivX, LLC) C:\Users\Bettina\Downloads\DivXInstaller_913.exe
2014-09-11 17:23 - 2014-09-11 17:24 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-11 17:23 - 2014-09-11 17:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-11 17:23 - 2014-06-22 11:02 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-11 17:22 - 2014-09-11 17:22 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-11 17:22 - 2014-09-11 17:21 - 33733032 _____ (Oracle Corporation) C:\Users\Bettina\Downloads\jre-8u20-windows-i586.exe
2014-09-11 17:15 - 2010-09-03 23:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-11 17:13 - 2011-03-12 13:04 - 00000000 ____D () C:\windows\SysWOW64\Adobe
2014-09-11 17:13 - 2010-09-04 00:19 - 00000000 ____D () C:\windows\SysWOW64\Macromed
2014-09-11 17:12 - 2012-09-12 07:55 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-09-11 17:12 - 2011-09-17 13:01 - 00000000 ____D () C:\Users\Bettina\AppData\Local\Adobe
2014-09-11 17:11 - 2012-09-12 07:55 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-09-11 17:11 - 2011-11-21 12:30 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-11 16:41 - 2011-03-12 23:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 16:37 - 2013-07-29 23:41 - 00000000 ____D () C:\windows\system32\MRT
2014-09-11 16:27 - 2014-09-11 16:27 - 00000000 ____D () C:\Users\Bettina\AppData\Local\Secunia PSI
2014-09-11 16:27 - 2014-09-11 16:27 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-09-11 16:25 - 2011-05-04 20:55 - 101694776 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-09-11 16:24 - 2014-09-11 16:24 - 05329480 _____ (Secunia) C:\Users\Bettina\Downloads\PSISetup_3.0.0.9016.exe
2014-09-11 16:24 - 2014-05-06 23:17 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-09-11 16:15 - 2014-09-11 16:11 - 00000000 ____D () C:\Users\Bettina\Downloads\Neuer Ordner
2014-09-11 16:14 - 2014-09-11 16:14 - 00001018 _____ () C:\Users\Public\Desktop\PDF-Viewer.lnk
2014-09-11 16:14 - 2014-09-11 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2014-09-11 16:14 - 2011-12-06 12:10 - 00000000 ____D () C:\Program Files\Tracker Software
2014-09-11 16:08 - 2011-09-28 10:07 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-11 16:08 - 2011-03-12 13:04 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-11 15:56 - 2014-09-11 15:52 - 00001776 _____ () C:\DelFix.txt
2014-09-11 15:52 - 2014-09-04 19:17 - 00000000 ____D () C:\windows\ERUNT
2014-09-11 15:45 - 2014-09-11 15:44 - 00000000 ___SD () C:\uninstall
2014-09-11 15:45 - 2014-09-10 12:24 - 00000000 ____D () C:\windows\erdnt
2014-09-11 14:20 - 2011-03-12 12:11 - 00000000 ____D () C:\Users\Bettina
2014-09-11 14:19 - 2014-09-11 14:19 - 00000000 ____D () C:\Users\Bettina\AppData\Roaming\AVAST Software
2014-09-11 14:18 - 2014-09-11 14:18 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-11 14:18 - 2014-09-11 14:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-11 14:17 - 2014-09-11 14:16 - 00427360 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-09-11 14:16 - 2014-09-11 14:16 - 01041168 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-09-11 14:16 - 2014-09-11 14:16 - 00307344 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-09-11 14:16 - 2014-09-11 14:16 - 00224896 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-09-11 14:16 - 2014-09-11 14:16 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-09-11 14:16 - 2014-09-11 14:16 - 00092008 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2014-09-11 14:16 - 2014-09-11 14:16 - 00079184 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-09-11 14:16 - 2014-09-11 14:16 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-09-11 14:16 - 2014-09-11 14:16 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-09-11 14:16 - 2014-09-11 14:16 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-09-11 14:13 - 2014-09-11 14:13 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-11 14:13 - 2014-09-11 14:12 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-10 13:12 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-09-10 13:02 - 2014-09-10 12:20 - 00000000 ____D () C:\Users\Bettina\AppData\Roaming\Husaboub
2014-09-10 13:02 - 2014-09-08 21:54 - 00000000 ____D () C:\Users\Bettina\AppData\Roaming\Yvuduf
2014-09-10 13:02 - 2009-07-14 04:34 - 00000215 _____ () C:\windows\system.ini
2014-09-10 12:58 - 2009-07-14 04:34 - 00000027 _____ () C:\windows\system32\Drivers\etc\HOSTS.MVP
2014-09-10 12:26 - 2014-09-10 12:26 - 00371152 _____ () C:\windows\Minidump\091014-37377-01.dmp
2014-09-10 12:26 - 2011-10-18 10:28 - 00000000 ____D () C:\windows\Minidump
2014-09-09 18:23 - 2011-06-18 13:50 - 00000000 ___RD () C:\Users\Bettina\Dropbox
2014-09-09 18:03 - 2014-09-09 18:03 - 00372216 _____ () C:\windows\Minidump\090914-35022-01.dmp
2014-09-09 14:56 - 2014-09-09 14:56 - 00637576 _____ () C:\windows\Minidump\090914-25272-01.dmp
2014-09-09 14:47 - 2014-09-09 14:47 - 00371256 _____ () C:\windows\Minidump\090914-32385-01.dmp
2014-09-09 14:28 - 2014-09-09 14:28 - 00370608 _____ () C:\windows\Minidump\090914-30888-01.dmp
2014-09-09 14:18 - 2014-09-09 14:18 - 00371264 _____ () C:\windows\Minidump\090914-37221-01.dmp
2014-09-09 12:43 - 2014-09-09 12:42 - 00371208 _____ () C:\windows\Minidump\090914-32011-01.dmp
2014-09-09 00:52 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\tracing
2014-09-08 23:44 - 2014-08-14 00:47 - 00000000 ____D () C:\Users\Bettina\AppData\Local\Imsoft
2014-09-08 21:30 - 2014-06-26 07:55 - 00000000 ____D () C:\Users\Bettina\AppData\Roaming\uTorrent
2014-09-08 16:34 - 2014-08-14 00:48 - 00000000 ____D () C:\Users\Bettina\AppData\Local\AWCworks
2014-09-08 11:46 - 2014-08-31 22:40 - 00011092 _____ () C:\Users\Bettina\Documents\worklist.xlsx
2014-09-07 21:22 - 2011-03-13 17:19 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2014-09-07 21:17 - 2012-05-06 19:48 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-09-05 20:51 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\AppCompat
2014-09-05 04:10 - 2014-09-11 16:21 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-11 16:21 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-09-04 22:15 - 2014-09-04 22:12 - 00000000 ____D () C:\Users\Bettina\AppData\Roaming\DVDVideoSoft
2014-09-04 22:14 - 2014-09-04 22:14 - 00001496 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-09-04 22:14 - 2014-09-04 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-04 22:14 - 2014-09-04 22:13 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-04 22:13 - 2014-09-04 22:13 - 00000000 ____D () C:\Users\Bettina\AppData\Roaming\RHEng
2014-09-04 16:47 - 2014-09-03 21:24 - 00000000 ____D () C:\Users\Bettina\AppData\Roaming\Ikcaca
2014-09-04 16:47 - 2009-07-14 05:20 - 00000000 __RSD () C:\windows\Media
2014-09-04 16:43 - 2012-02-11 01:12 - 00000000 ____D () C:\ProgramData\InstallMate
2014-09-03 22:00 - 2014-09-03 22:00 - 00371560 _____ () C:\windows\Minidump\090314-24835-01.dmp
2014-09-02 13:00 - 2014-09-02 12:49 - 00000000 ____D () C:\windows\rescache
2014-09-01 13:57 - 2014-09-01 13:56 - 00000000 ____D () C:\Users\Bettina\Documents\beschreibungenFitnessart_010914
2014-08-31 22:41 - 2014-08-31 22:41 - 00002104 _____ () C:\Users\Bettina\Desktop\worklist - Verknüpfung.lnk
2014-08-31 21:32 - 2014-08-31 21:32 - 00000000 ____D () C:\Users\Bettina\AppData\Local\Temp8ccb83a846465d0468720653c506f5ad
2014-08-31 21:29 - 2014-08-31 21:29 - 00000000 ____D () C:\Users\Bettina\ChromeExtensions
2014-08-31 21:29 - 2014-08-31 21:29 - 00000000 ____D () C:\Users\Bettina\AppData\Local\Temp239f1878deb182be20f2a6ccdb7a8c0f
2014-08-29 09:59 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SchCache
2014-08-29 08:59 - 2009-07-14 06:45 - 00467272 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-29 08:57 - 2009-07-27 17:04 - 00000000 ____D () C:\windows\Panther
2014-08-29 08:52 - 2012-02-02 22:02 - 00000000 ____D () C:\Users\Bettina\AppData\Roaming\Skype
2014-08-25 06:53 - 2011-11-30 22:30 - 00270496 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-08-23 21:43 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\Help
2014-08-23 04:07 - 2014-08-27 20:31 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-27 20:31 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-27 20:31 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-22 23:25 - 2014-08-22 22:56 - 00000000 ____D () C:\Users\Bettina\Documents\lettlandDrucken
2014-08-19 23:36 - 2011-06-19 12:00 - 00000000 ____D () C:\Users\Bettina\AppData\Roaming\FileZilla
2014-08-19 23:26 - 2014-08-19 23:26 - 00000000 ____D () C:\Users\Bettina\5
2014-08-19 20:05 - 2014-09-11 16:42 - 00374968 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-08-19 19:39 - 2014-09-11 16:42 - 00327872 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-08-19 01:01 - 2014-09-11 16:42 - 23591424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-08-19 00:29 - 2014-09-11 16:42 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-08-19 00:29 - 2014-09-11 16:42 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-08-19 00:26 - 2014-09-11 16:42 - 17455104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-08-19 00:20 - 2014-09-11 16:42 - 02793984 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-08-19 00:19 - 2014-09-11 16:42 - 05833728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-08-19 00:15 - 2014-09-11 16:42 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-08-19 00:15 - 2014-09-11 16:42 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-08-19 00:14 - 2014-09-11 16:42 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-08-19 00:14 - 2014-09-11 16:42 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-08-19 00:08 - 2014-09-11 16:42 - 04232704 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-08-19 00:08 - 2014-09-11 16:42 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-08-19 00:08 - 2014-09-11 16:42 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-08-19 00:05 - 2014-09-11 16:42 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-08-19 00:03 - 2014-09-11 16:42 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-08-19 00:03 - 2014-09-11 16:42 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-08-19 00:03 - 2014-09-11 16:42 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-08-18 23:57 - 2014-09-11 16:42 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-08-18 23:56 - 2014-09-11 16:42 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-08-18 23:51 - 2014-09-11 16:42 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-08-18 23:46 - 2014-09-11 16:42 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-08-18 23:45 - 2014-09-11 16:42 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 23:45 - 2014-09-11 16:42 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-08-18 23:44 - 2014-09-11 16:42 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-08-18 23:44 - 2014-09-11 16:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-08-18 23:42 - 2014-09-11 16:42 - 02185728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-08-18 23:40 - 2014-09-11 16:42 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-08-18 23:39 - 2014-09-11 16:42 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-08-18 23:39 - 2014-09-11 16:42 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-08-18 23:39 - 2014-09-11 16:42 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-08-18 23:38 - 2014-09-11 16:42 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-08-18 23:37 - 2014-09-11 16:42 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-08-18 23:36 - 2014-09-11 16:42 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-08-18 23:35 - 2014-09-11 16:42 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-08-18 23:27 - 2014-09-11 16:42 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-08-18 23:25 - 2014-09-11 16:42 - 00727040 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-08-18 23:25 - 2014-09-11 16:42 - 00707072 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-08-18 23:23 - 2014-09-11 16:42 - 02104832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-08-18 23:23 - 2014-09-11 16:42 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-08-18 23:22 - 2014-09-11 16:42 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-18 23:19 - 2014-09-11 16:42 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-08-18 23:17 - 2014-09-11 16:42 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-08-18 23:17 - 2014-09-11 16:42 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-08-18 23:16 - 2014-09-11 16:42 - 13588480 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-08-18 23:15 - 2014-09-11 16:42 - 11769856 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-08-18 23:15 - 2014-09-11 16:42 - 02310656 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-08-18 23:09 - 2014-09-11 16:42 - 00603136 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-08-18 23:08 - 2014-09-11 16:42 - 02014208 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-08-18 23:07 - 2014-09-11 16:42 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-08-18 22:55 - 2014-09-11 16:42 - 01447424 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-08-18 22:46 - 2014-09-11 16:42 - 01812992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-08-18 22:38 - 2014-09-11 16:42 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-08-18 22:38 - 2014-09-11 16:42 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-08-18 22:36 - 2014-09-11 16:42 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-08-18 00:57 - 2014-04-09 08:32 - 00004216 _____ () C:\Users\Bettina\AppData\Local\mbt-actwiz.log
2014-08-17 19:45 - 2014-08-17 19:43 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-17 19:44 - 2014-08-17 19:44 - 00000000 ____D () C:\Users\Bettina\AppData\Local\Skype
2014-08-17 19:43 - 2014-08-17 19:43 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-08-17 19:43 - 2014-08-17 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-17 19:43 - 2010-12-17 13:00 - 00000000 ____D () C:\ProgramData\Skype
2014-08-15 06:43 - 2014-08-15 06:42 - 00004286 _____ () C:\windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-08-15 06:21 - 2013-02-04 13:46 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-15 06:08 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\security
2014-08-15 00:11 - 2014-08-15 00:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-14 23:33 - 2014-08-14 23:33 - 00283048 _____ () C:\windows\Minidump\081414-25974-01.dmp
2014-08-14 22:36 - 2014-08-14 22:36 - 00266688 _____ () C:\windows\Minidump\081414-26676-01.dmp
2014-08-14 21:35 - 2014-08-14 21:35 - 00269032 _____ () C:\windows\Minidump\081414-33072-01.dmp
2014-08-14 20:33 - 2014-08-14 20:33 - 00274888 _____ () C:\windows\Minidump\081414-26254-01.dmp
2014-08-13 22:18 - 2011-03-12 12:22 - 00000000 ___RD () C:\Users\Bettina\Virtual Machines
2014-08-13 19:25 - 2014-08-13 19:25 - 00341848 _____ (DivX, LLC) C:\windows\SysWOW64\DivXControlPanelApplet.cpl

Some content of TEMP:
====================
C:\Users\Bettina\AppData\Local\Temp\avgnt.exe
C:\Users\Bettina\AppData\Local\Temp\javagiac0.16479784024372002.dll
C:\Users\Bettina\AppData\Local\Temp\uninstall.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-09 01:23

==================== End Of Log ============================

--- --- ---

oscar12 · 12.09.2014, 21:18

...und die Addition.txt:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-09-2014
Ran by Bettina at 2014-09-12 20:46:18
Running from C:\Users\Bettina\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32343 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.159 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop 6.0 (HKLM-x32\...\Adobe Photoshop 6.0) (Version: 6.0 - Adobe Systems, Inc.)
Adobe SVG Viewer (HKLM-x32\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 1.0.23.26 - ArcSoft)
ArcSoft TotalMedia (x32 Version: 1.0.43.25 - ArcSoft) Hidden
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 1.0.0.26 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{E534C3AC-6D49-4EAC-8993-C1F0FF545B67}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
Audacity 1.3.14 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0805.358.5180 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0805.358.5180 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0805.358.5180 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help English (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help French (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help German (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0805.358.5180 - ATI) Hidden
ccc-utility64 (Version: 2010.0805.358.5180 - ATI) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 5.0.1.5 - Hewlett-Packard)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.80 - DivX, LLC)
Drive Encryption for HP ProtectTools (HKLM-x32\...\Drive Encryption) (Version: 5.0.4.0 - Hewlett-Packard)
Drive Encryption for HP ProtectTools (Version: 5.0.4.0 - Hewlett-Packard) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
EPSON BX535WD Series Printer Uninstall (HKLM\...\EPSON BX535WD Series) (Version:  - SEIKO EPSON Corporation)
Face Recognition for HP ProtectTools (HKLM\...\{E793990C-90BE-4B69-AC29-BF5E8FD4ED54}) (Version: 2.02.4007 - Hewlett-Packard)
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 5.0.1.2 - Hewlett-Packard)
FileZilla Client 3.2.7.1 (HKLM-x32\...\FileZilla Client) (Version: 3.2.7.1 - )
Free YouTube to MP3 Converter version 3.12.44.820 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.820 - DVDVideoSoft Ltd.)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.2 - Ellora Assets Corporation)
GeoGebra 4.4 (HKLM-x32\...\GeoGebra 4.4) (Version: 4.4.12.0 - International GeoGebra Institute)
GPL Ghostscript 9.01 (HKLM-x32\...\GPL Ghostscript 9.01) (Version:  - )
GSview 4.9 (HKLM-x32\...\GSview 4.9) (Version:  - )
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{67C090D6-109A-47D7-8DED-4160C4D96F32}) (Version: 4.0.4.1 - Hewlett-Packard)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.3 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{8C3059B3-B804-42BB-909B-25864C7D33E3}) (Version: 1.6.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{F5F16745-6FCB-4134-83F9-2688ACFF5DC9}) (Version: 1.1.8.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{014C6C60-4916-48F7-916E-E8048E12E9F1}) (Version: 4.0.3.1 - Hewlett-Packard Company)
HP Power Assistant (HKLM\...\{32C278B2-BC1F-4018-8FB4-2012A40D9FC1}) (Version: 1.0.9.0 - Hewlett-Packard Company)
HP Power Data (HKLM\...\{F2177395-FD90-44B0-AFB8-2E0566855E5C}) (Version: 1.0.31.182 - Hewlett-Packard)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 5.12.754 - Hewlett-Packard Company)
HP ProtectTools Security Manager (Version: 5.12.754 - Hewlett-Packard Company) Hidden
HP QuickLook (HKLM\...\{E6BEE2A9-04CF-42FF-B95B-BB70FAD2DC3E}) (Version: 3.3.1.2 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{7861911B-4270-498A-8F7A-FCF0570F487D}) (Version: 1.0.1.63 - DeviceVM, Inc.)
HP Setup (HKLM-x32\...\{1E6219D4-027E-47EE-AB83-DD2F26E31A32}) (Version: 1.2.3557.3169 - Hewlett-Packard)
HP SoftPaq Download Manager (HKLM-x32\...\{2DA697D7-FED3-4DE2-A174-92A2A12F9688}) (Version: 3.0.5.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{E05DB9F9-C8E7-45F2-BE9E-76D4C447CE9B}) (Version: 4.0.39.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{04801E42-B1A6-4C52-9F3D-CADB5A050433}) (Version: 7.0.1.9 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50012.0 - Sonix)
HP Wireless Assistant (HKLM\...\{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}) (Version: 4.0.6.0 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6300.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.01.1007 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 8 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden
LightScribe System Software (HKLM-x32\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mathematica Extras 9.0 (3942197) (HKLM\...\A-WIN-Extras 9.0.0 3942197_is1) (Version: 9.0.0 - Wolfram Research, Inc.)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version:  - MixMeister Technology LLC)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.20.0 - Symantec)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.8.7 - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.309.0 - Tracker Software Products Ltd)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version:  - )
Pre-Boot Security for HP ProtectTools (Version: 5.0.7.1 - Hewlett-Packard) Hidden
Privacy Manager for HP ProtectTools (HKLM\...\{04255D34-6C6D-4F63-A218-EE8FD2D13AF0}) (Version: 5.10.796 - Hewlett-Packard)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Ralink Motorola BC4 Bluetooth 3.0+HS Adapter (HKLM\...\Ralink Motorola BC4 Bluetooth 3.0+HS Adapter_is1) (Version: 3.0.41.258 - Motorola, Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 3.1.13.0 - Ralink)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30109 - Realtek Semiconductor Corp.)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
StuffIt Expander 2011 (HKLM\...\{6B62B973-49F5-4C51-B738-93B56A963417}) (Version: 15.0.1.17 - Smith Micro Software, Inc.)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version:  - NCH Software)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
tele.ring Mobile Internet (HKLM-x32\...\tele.ring Mobile Internet) (Version: 11.002.03.10.123 - Huawei Technologies Co.,Ltd)
Theft Recovery (HKLM-x32\...\InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}) (Version: 5.1.0.18 - Hewlett-Packard)
Theft Recovery (x32 Version: 5.1.0.18 - Hewlett-Packard) Hidden
Thema Mathematik 6 V2. CD-ROM (HKLM-x32\...\Thema Mathematik 6 V2. CD-ROM_is1) (Version:  - VERITAS Verlags- und Handelsges.m.b.H. & Co. OG)
TSACS Wormhole Screensaver (HKLM-x32\...\TSACS Wormhole Screensaver_is1) (Version: 1.0.0 - David Millington)
uMark 3 (HKLM-x32\...\{7D10A6C4-9276-4576-9ED4-44DBA98BFA24}) (Version: 3.4.0 - Uconomix)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Validity Fingerprint Driver (HKLM\...\{DD966CEF-5EA9-4BA2-B210-490FEBC27EA7}) (Version: 4.0.15.0 - Validity Sensors, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows 7 Default Setting (HKLM-x32\...\{5BF8E079-D6E2-4323-B794-75152371122A}) (Version: 1.0.1.6 - Hewlett-Packard Company)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Wolfram CDF Player (M-WIN-D 9.0.0 3942419) (HKLM-x32\...\M-WIN-D 9.0.0 3942419_is1) (Version: 9.0.0 - Wolfram Research, Inc.)
Wondershare Video Converter Ultimate(Build 6.7.0.10) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 6.7.0.10 - Wondershare Software)
WOW Slider (HKLM-x32\...\WOW Slider_is1) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3593014539-1029255113-2831684764-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Bettina\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3593014539-1029255113-2831684764-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bettina\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3593014539-1029255113-2831684764-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bettina\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3593014539-1029255113-2831684764-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bettina\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3593014539-1029255113-2831684764-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bettina\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points  =========================

11-09-2014 13:53:30 Ende der Bereinigung
11-09-2014 14:05:32 Removed Adobe Reader X (10.1.7) - Deutsch.
11-09-2014 14:21:46 Windows Update
11-09-2014 15:14:14 Removed Authorware 7
11-09-2014 15:17:48 Removed Java 7 Update 60
11-09-2014 15:51:01 Installed iTunes
12-09-2014 13:19:24 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-08-20 14:10 - 00511276 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 fr.a2dfp.net
0.0.0.0 m.fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 static.a-ads.com
0.0.0.0 abcstats.com
0.0.0.0 ad4.abradio.cz
0.0.0.0 a.abv.bg
0.0.0.0 adserver.abv.bg
0.0.0.0 adv.abv.bg
0.0.0.0 bimg.abv.bg
0.0.0.0 ca.abv.bg
0.0.0.0 www2.a-counter.kiev.ua
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 accuserveadsystem.com
0.0.0.0 www.accuserveadsystem.com
0.0.0.0 achmedia.com
0.0.0.0 csh.actiondesk.com
0.0.0.0 ads.activepower.net
0.0.0.0 app.activetrail.com
0.0.0.0 stat.active24stats.nl #[Tracking.Cookie]
0.0.0.0 traffic.acwebconnecting.com
0.0.0.0 office.ad1.ru
0.0.0.0 cms.ad2click.nl
0.0.0.0 ad2games.com
0.0.0.0 ads.ad2games.com
0.0.0.0 content.ad20.net

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0F913C5D-351D-4F5A-8AF8-628C723401BB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {14C7A4AA-43A5-439B-A081-8E4854990081} - System32\Tasks\{4CE29D51-FA61-424B-8D80-8CBAE9835B02} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.8.0.154.259&amp;LastError=12002
Task: {30AB857B-93AE-492C-9610-57E65028CA97} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-11] (AVAST Software)
Task: {441AA5B7-A953-44E8-922E-3A403486F01E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-07-08] (Microsoft)
Task: {64B5A2C8-0DC3-4ED1-9F25-4D058309596F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9A3AD5FF-9EE1-45D7-97FD-747A3678AFB6} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-11] (Adobe Systems Incorporated)
Task: {9DE4C703-1E12-4B83-8F56-00CAC50F1398} - System32\Tasks\Hewlett-Packard\HP Support Assistant\NetworkCheck => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_NetworkCheck.exe [2014-04-22] (Hewlett-Packard)
Task: {AC1F47DD-415F-448F-9E5E-B520A78ABF91} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {AD7C9FF7-7759-4001-89DC-4D91B9AC92E1} - System32\Tasks\{19E0BA79-9DDB-4504-9819-DF4603EE9459} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.8.0.154.259&amp;LastError=12002
Task: {B75ACE2B-59DA-417C-B517-9DBE757428CB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {E9FC8756-6D66-4161-B629-A6AC86210E13} - System32\Tasks\NCH Software\switchShakeIcon => C:\Program Files (x86)\NCH Software\Switch\Switch.exe
Task: {F322761A-5530-4676-B98D-9C97D817BD8B} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {F8932466-8D22-49E1-B72B-845F1968A58A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2011-06-14 18:57 - 2005-03-12 01:07 - 00087040 _____ () C:\windows\System32\pdfcmnnt.dll
2010-02-11 22:50 - 2010-02-11 22:50 - 00746256 _____ () C:\windows\system32\SUPSDK.dll
2009-11-23 18:24 - 2009-11-23 18:24 - 01412608 ____R () C:\windows\system32\LIBEAY32.dll
2010-04-20 08:10 - 2010-04-20 08:10 - 00100352 _____ () C:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2009-08-23 19:24 - 2009-08-23 19:24 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-06-19 01:25 - 2010-06-19 01:25 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HardwareAccess.dll
2010-06-19 01:25 - 2010-06-19 01:25 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HPCommon.XmlSerializers.dll
2010-06-19 01:25 - 2010-06-19 01:25 - 00055864 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\Graphs.dll
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2010-04-05 20:12 - 2010-04-05 20:12 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2010-04-05 20:11 - 2010-04-05 20:11 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-04-05 20:12 - 2010-04-05 20:12 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2014-09-11 14:15 - 2014-09-11 14:15 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-12 12:12 - 2014-09-12 12:12 - 02862592 _____ () C:\Program Files\AVAST Software\Avast\defs\14091200\algo.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-11 14:15 - 2014-09-11 14:15 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-09-12 13:20 - 2014-09-12 13:20 - 00170496 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\03d9e855a8969bf00dd1bfeafa5d055e\IsdiInterop.ni.dll
2010-09-03 23:59 - 2010-03-04 06:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00113171 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 02396179 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00268307 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00027667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00031251 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00066579 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 02021395 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00100371 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00240659 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00076307 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00045587 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00060947 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00531475 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00708627 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00114195 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00040467 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00014867 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00133139 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 01512467 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00296979 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 01248787 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00054291 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00038419 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 11148307 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-02-05 03:31 - 2014-02-05 03:31 - 00189971 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00091667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00291859 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00017939 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 01280019 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00018451 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00336403 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00344595 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00198675 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00027155 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00015891 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 01371667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00146451 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00022035 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00733203 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00026131 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00171027 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00019475 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00019987 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 10396179 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00116755 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_http_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00724499 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00026643 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00019987 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00555027 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libswscale_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00113683 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00027667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00019987 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00053779 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00016915 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00015379 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00032275 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00020499 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00013843 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00017427 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00130579 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00168979 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00058899 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 01496083 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00019475 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00015379 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00013331 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00015379 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00014355 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00013843 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00014867 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00014355 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00015379 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00025619 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00067091 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00072211 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_mms_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00036371 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
2014-07-30 15:05 - 2014-07-30 15:05 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk => C:\windows\pss\Adobe Gamma Loader.exe.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BrowserPlugInHelper => C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Download Protect => C:\ProgramData\dlprotect.exe
MSCONFIG\startupreg: DTRun => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Realtime Audio Engine => "mmrtkrnl.exe" /i
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/12/2014 00:38:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15616

Error: (09/12/2014 00:38:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15616

Error: (09/12/2014 00:38:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/11/2014 09:59:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm mbam.exe, Version 1.0.0.532 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: b70

Startzeit: 01cfcdfad3ba42a7

Endzeit: 16

Anwendungspfad: C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe

Berichts-ID: 265c2b32-39ee-11e4-a673-934fd643dd2c

Error: (09/11/2014 09:54:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm mbam.exe, Version 1.0.0.532 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1e78

Startzeit: 01cfcdfa2817f456

Endzeit: 31

Anwendungspfad: C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe

Berichts-ID: 764ccddf-39ed-11e4-a673-934fd643dd2c

Error: (09/11/2014 09:54:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm mbam.exe, Version 1.0.0.532 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1478

Startzeit: 01cfcdf9b37233a5

Endzeit: 62

Anwendungspfad: C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe

Berichts-ID: 5b7823c5-39ed-11e4-a673-934fd643dd2c

Error: (09/11/2014 05:00:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.9016, Zeitstempel: 0x52a1d50f
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000332b0
ID des fehlerhaften Prozesses: 0xbdc
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (09/11/2014 08:47:13 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Composition.CompositionException
Stack:
   at System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   at System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   at System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   at System.ComponentModel.Composition.Primitives.Export.get_Value()
   at System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   at System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   at Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (09/11/2014 08:47:00 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Composition.CompositionException
Stack:
   at System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   at System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   at System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   at System.ComponentModel.Composition.Primitives.Export.get_Value()
   at System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   at System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   at Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (09/11/2014 08:45:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe, Version: 1.1.18.28431, Zeitstempel: 0x53c3ed8f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0xc20
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.ServiceHost.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe1
Pfad des fehlerhaften Moduls: Avira.OE.ServiceHost.exe2
Berichtskennung: Avira.OE.ServiceHost.exe3


System errors:
=============
Error: (09/12/2014 08:07:30 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/12/2014 03:32:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/12/2014 00:58:24 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (09/12/2014 00:12:29 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/12/2014 00:18:34 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (09/11/2014 04:54:03 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/11/2014 04:51:47 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎11.‎09.‎2014 um 16:50:02 unerwartet heruntergefahren.

Error: (09/11/2014 04:02:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/11/2014 04:01:19 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎11.‎09.‎2014 um 15:58:56 unerwartet heruntergefahren.

Error: (09/11/2014 03:38:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Freemake Improver" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (09/12/2014 00:38:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15616

Error: (09/12/2014 00:38:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15616

Error: (09/12/2014 00:38:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/11/2014 09:59:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mbam.exe1.0.0.532b7001cfcdfad3ba42a716C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe265c2b32-39ee-11e4-a673-934fd643dd2c

Error: (09/11/2014 09:54:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mbam.exe1.0.0.5321e7801cfcdfa2817f45631C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe764ccddf-39ed-11e4-a673-934fd643dd2c

Error: (09/11/2014 09:54:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mbam.exe1.0.0.532147801cfcdf9b37233a562C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe5b7823c5-39ed-11e4-a673-934fd643dd2c

Error: (09/11/2014 05:00:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.901652a1d50fntdll.dll6.1.7601.18247521ea8e7c0000005000332b0bdc01cfcdd008512e3cC:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\windows\SysWOW64\ntdll.dll5684845b-39c4-11e4-a673-934fd643dd2c

Error: (09/11/2014 08:47:13 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Composition.CompositionException
Stack:
   at System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   at System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   at System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   at System.ComponentModel.Composition.Primitives.Export.get_Value()
   at System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   at System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   at Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (09/11/2014 08:47:00 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Composition.CompositionException
Stack:
   at System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   at System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   at System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   at System.ComponentModel.Composition.Primitives.Export.get_Value()
   at System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   at System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   at Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (09/11/2014 08:45:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Avira.OE.ServiceHost.exe1.1.18.2843153c3ed8fKERNELBASE.dll6.1.7601.1840953159a86e04343520000c42dc2001cfcd8b25b4994fC:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exeC:\windows\syswow64\KERNELBASE.dll2ba924a1-397f-11e4-ba00-839cfeffbd26


CodeIntegrity Errors:
===================================
  Date: 2014-09-10 12:51:37.088
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-10 12:51:36.869
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz
Percentage of memory in use: 68%
Total physical RAM: 1967.43 MB
Available physical RAM: 624.5 MB
Total Pagefile: 3934.86 MB
Available Pagefile: 1695.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:280.8 GB) (Free:17.27 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (MORPHEUSII) (Removable) (Total:29.57 GB) (Free:0.43 GB) FAT32
Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.48 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: F61FABCA)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=280.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)

========================================================
Disk: 1 (Size: 29.6 GB) (Disk ID: DF33AF25)
Partition 1: (Not Active) - (Size=29.6 GB) - (Type=0C)

==================== End Of Log ============================

oscar12 · 12.09.2014, 21:19

...und zu guter Letzt das TDSS-Killer-Logfile. TDSS-Killer hat keine Threats gefunden.

Code:

ATTFilter

22:01:52.0907 0x1a78  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
22:01:59.0223 0x1a78  ============================================================
22:01:59.0228 0x1a78  Current date / time: 2014/09/12 22:01:59.0223
22:01:59.0228 0x1a78  SystemInfo:
22:01:59.0228 0x1a78  
22:01:59.0228 0x1a78  OS Version: 6.1.7601 ServicePack: 1.0
22:01:59.0228 0x1a78  Product type: Workstation
22:01:59.0228 0x1a78  ComputerName: PYTHAGORAS
22:01:59.0228 0x1a78  UserName: Bettina
22:01:59.0228 0x1a78  Windows directory: C:\windows
22:01:59.0228 0x1a78  System windows directory: C:\windows
22:01:59.0228 0x1a78  Running under WOW64
22:01:59.0228 0x1a78  Processor architecture: Intel x64
22:01:59.0228 0x1a78  Number of processors: 4
22:01:59.0228 0x1a78  Page size: 0x1000
22:01:59.0228 0x1a78  Boot type: Normal boot
22:01:59.0228 0x1a78  ============================================================
22:02:01.0313 0x1a78  KLMD registered as C:\windows\system32\drivers\52914854.sys
22:02:03.0658 0x1a78  System UUID: {173AF0BD-AE38-B024-21F7-5FAEDD91F529}
22:02:05.0804 0x1a78  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:02:05.0929 0x1a78  Drive \Device\Harddisk1\DR1 - Size: 0x765C00000 ( 29.59 Gb ), SectorSize: 0x200, Cylinders: 0xF16, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:02:05.0944 0x1a78  ============================================================
22:02:05.0944 0x1a78  \Device\Harddisk0\DR0:
22:02:05.0944 0x1a78  MBR partitions:
22:02:05.0944 0x1a78  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
22:02:05.0944 0x1a78  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x23198000
22:02:05.0944 0x1a78  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2322E800, BlocksNum 0x1E00000
22:02:05.0944 0x1a78  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x2502E800, BlocksNum 0x3FD800
22:02:05.0944 0x1a78  \Device\Harddisk1\DR1:
22:02:05.0944 0x1a78  MBR partitions:
22:02:05.0944 0x1a78  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x950, BlocksNum 0x3B2D6B0
22:02:05.0944 0x1a78  ============================================================
22:02:06.0044 0x1a78  C: <-> \Device\Harddisk0\DR0\Partition2
22:02:06.0089 0x1a78  F: <-> \Device\Harddisk0\DR0\Partition4
22:02:07.0069 0x1a78  ============================================================
22:02:07.0069 0x1a78  Initialize success
22:02:07.0069 0x1a78  ============================================================
22:02:38.0813 0x0a28  ============================================================
22:02:38.0813 0x0a28  Scan started
22:02:38.0813 0x0a28  Mode: Manual; SigCheck; TDLFS; 
22:02:38.0813 0x0a28  ============================================================
22:02:38.0813 0x0a28  KSN ping started
22:02:41.0673 0x0a28  KSN ping finished: true
22:02:44.0329 0x0a28  ================ Scan system memory ========================
22:02:44.0329 0x0a28  System memory - ok
22:02:44.0329 0x0a28  ================ Scan services =============================
22:02:45.0609 0x0a28  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
22:02:46.0079 0x0a28  1394ohci - ok
22:02:46.0184 0x0a28  [ 5C368F4B04ED2A923E6AFCA2D37BAFF5, C3CC58D636B18DF77C4C4B384AD1DE78418716A0606E564DBC63782D5EA02905 ] Accelerometer   C:\windows\system32\DRIVERS\Accelerometer.sys
22:02:46.0289 0x0a28  Accelerometer - ok
22:02:46.0454 0x0a28  [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
22:02:46.0484 0x0a28  ACDaemon - ok
22:02:46.0604 0x0a28  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\windows\system32\drivers\ACPI.sys
22:02:46.0694 0x0a28  ACPI - ok
22:02:46.0759 0x0a28  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
22:02:46.0864 0x0a28  AcpiPmi - ok
22:02:47.0054 0x0a28  [ FBB312C9DA3863673EC18F4AE4101778, 4E9AAE7C700E485C17FDFCC9100A79784673B006D00D4D4CE8F1DB617D25C864 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:02:47.0084 0x0a28  AdobeFlashPlayerUpdateSvc - ok
22:02:47.0134 0x0a28  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\windows\system32\DRIVERS\adp94xx.sys
22:02:47.0169 0x0a28  adp94xx - ok
22:02:47.0209 0x0a28  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\windows\system32\DRIVERS\adpahci.sys
22:02:47.0234 0x0a28  adpahci - ok
22:02:47.0264 0x0a28  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\windows\system32\DRIVERS\adpu320.sys
22:02:47.0284 0x0a28  adpu320 - ok
22:02:47.0309 0x0a28  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
22:02:47.0399 0x0a28  AeLookupSvc - ok
22:02:47.0494 0x0a28  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters     C:\Program Files\IDT\WDM\AESTSr64.exe
22:02:47.0564 0x0a28  AESTFilters - ok
22:02:47.0614 0x0a28  [ 6CCD1135320109D6B219F1A6E04AD9F6, B97D4DF46DF0EFC106BD3E248C70809F3F47DF3FD1CA039A0A3923E1FA05A969 ] Afc             C:\windows\syswow64\drivers\Afc.sys
22:02:47.0644 0x0a28  Afc - ok
22:02:47.0719 0x0a28  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\windows\system32\drivers\afd.sys
22:02:47.0799 0x0a28  AFD - ok
22:02:47.0929 0x0a28  [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem  C:\windows\system32\DRIVERS\agrsm64.sys
22:02:48.0059 0x0a28  AgereSoftModem - ok
22:02:48.0139 0x0a28  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\windows\system32\drivers\agp440.sys
22:02:48.0164 0x0a28  agp440 - ok
22:02:48.0189 0x0a28  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\windows\System32\alg.exe
22:02:48.0244 0x0a28  ALG - ok
22:02:48.0289 0x0a28  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\windows\system32\drivers\aliide.sys
22:02:48.0329 0x0a28  aliide - ok
22:02:48.0374 0x0a28  [ 5A06AB7AB4D389DFE3C109599DF0BB65, 317AA0BD3319C67339EE7E7B15E2C176E9E85480C84728571D8F1690F8A0844B ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
22:02:48.0429 0x0a28  AMD External Events Utility - ok
22:02:48.0474 0x0a28  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\windows\system32\drivers\amdide.sys
22:02:48.0484 0x0a28  amdide - ok
22:02:48.0524 0x0a28  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\windows\system32\DRIVERS\amdk8.sys
22:02:48.0584 0x0a28  AmdK8 - ok
22:02:49.0219 0x0a28  [ 650DDCCD6657E20737433CB774521B81, 0D38128D1C71070CB697130C9186610D41D2912CD472AEFACA9E641DF0FC1DDF ] amdkmdag        C:\windows\system32\DRIVERS\atikmdag.sys
22:02:49.0539 0x0a28  amdkmdag - ok
22:02:49.0589 0x0a28  [ F51B013C55B30DBE3AD59A7FE197C5BA, 3BED69D56FC6AB7A294FB8C322E0E9F454BA91E8FB6CDC2C36DD7F9FEBEAB95F ] amdkmdap        C:\windows\system32\DRIVERS\atikmpag.sys
22:02:49.0639 0x0a28  amdkmdap - ok
22:02:49.0679 0x0a28  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\windows\system32\DRIVERS\amdppm.sys
22:02:49.0699 0x0a28  AmdPPM - ok
22:02:49.0754 0x0a28  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\windows\system32\drivers\amdsata.sys
22:02:49.0774 0x0a28  amdsata - ok
22:02:49.0804 0x0a28  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\windows\system32\DRIVERS\amdsbs.sys
22:02:49.0829 0x0a28  amdsbs - ok
22:02:49.0844 0x0a28  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\windows\system32\drivers\amdxata.sys
22:02:49.0884 0x0a28  amdxata - ok
22:02:49.0964 0x0a28  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\windows\system32\drivers\appid.sys
22:02:50.0044 0x0a28  AppID - ok
22:02:50.0084 0x0a28  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\windows\System32\appidsvc.dll
22:02:50.0149 0x0a28  AppIDSvc - ok
22:02:50.0194 0x0a28  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\windows\System32\appinfo.dll
22:02:50.0234 0x0a28  Appinfo - ok
22:02:50.0354 0x0a28  [ 608D6A90E989C6522F170E5526A64BF4, 36EDD07DF6BD2D20121F63CF720C289FCCF7C53574D37F99C2F9ED68298D655B ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:02:50.0379 0x0a28  Apple Mobile Device - ok
22:02:50.0429 0x0a28  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\windows\System32\appmgmts.dll
22:02:50.0484 0x0a28  AppMgmt - ok
22:02:50.0529 0x0a28  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\windows\system32\DRIVERS\arc.sys
22:02:50.0549 0x0a28  arc - ok
22:02:50.0564 0x0a28  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\windows\system32\DRIVERS\arcsas.sys
22:02:50.0579 0x0a28  arcsas - ok
22:02:50.0604 0x0a28  [ CE2168C926927BA926301BAF172BC693, FC3DFCD5390DD3E80211E09177C762B7F8B2565A9A663D764AED8C6B4EAAA3C9 ] ARCVCAM         C:\windows\system32\DRIVERS\ArcSoftVCapture.sys
22:02:50.0619 0x0a28  ARCVCAM - ok
22:02:51.0164 0x0a28  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:02:51.0289 0x0a28  aspnet_state - ok
22:02:51.0354 0x0a28  [ D95E64416A4A3ED6986E0F474DA934BD, DBB4A0DED0DABE1F8FF0DB8C0E9EC4EC906A85A45DC0AEC013A8744F9BF5D40E ] aswHwid         C:\windows\system32\drivers\aswHwid.sys
22:02:51.0364 0x0a28  aswHwid - ok
22:02:51.0409 0x0a28  [ FF1E537A3632CBB9A0BF72B9FD0878D5, B26E6A1F6E6FA5280A12861EFAD44D8F49353F47B21843EBA73E149CF613DCBC ] aswMonFlt       C:\windows\system32\drivers\aswMonFlt.sys
22:02:51.0424 0x0a28  aswMonFlt - ok
22:02:51.0464 0x0a28  [ A5757DE5F9C83AB40667A53D5126EA40, 58B72B1B126CF641188703CE82E26BEB0C41AD7587CFFCCCE9E3C64CC7AACC90 ] aswRdr          C:\windows\system32\drivers\aswRdr2.sys
22:02:51.0479 0x0a28  aswRdr - ok
22:02:51.0519 0x0a28  [ 645D97385F3F284FB5604F9B970F4D24, 15A9D7F0F4C1062210E4E744A9069B8645177D19F35B8740D74022639DC05F2E ] aswRvrt         C:\windows\system32\drivers\aswRvrt.sys
22:02:51.0534 0x0a28  aswRvrt - ok
22:02:51.0729 0x0a28  [ B8FDEDE963B82CFD23B3A53A3084666D, 3537E5B684FB6F0AA589A5FA7CD111E1744DF384AB1A266D4114100F104ED11B ] aswSnx          C:\windows\system32\drivers\aswSnx.sys
22:02:51.0799 0x0a28  aswSnx - ok
22:02:51.0859 0x0a28  [ 0DEDC041DF594AEC2C3BD00417CFAF60, 0D3A8924503986546EE256D185225C0B080FDB6B0C8B0BED7516B07A7334371B ] aswSP           C:\windows\system32\drivers\aswSP.sys
22:02:51.0894 0x0a28  aswSP - ok
22:02:51.0949 0x0a28  [ 48DED912CDE54FC0923B9858512366E1, 9B216B934408A7CB3CE2B41240B7EF01EAA3BC066211B784064FF8AC97A29B4E ] aswStm          C:\windows\system32\drivers\aswStm.sys
22:02:51.0964 0x0a28  aswStm - ok
22:02:52.0004 0x0a28  [ 471A311745848B80339436688A8286E6, E51C57236CEC19AC38E85D115DB97875517D837811188AD2E53FA49055B53890 ] aswVmm          C:\windows\system32\drivers\aswVmm.sys
22:02:52.0024 0x0a28  aswVmm - ok
22:02:52.0054 0x0a28  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
22:02:52.0124 0x0a28  AsyncMac - ok
22:02:52.0174 0x0a28  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\windows\system32\drivers\atapi.sys
22:02:52.0184 0x0a28  atapi - ok
22:02:52.0219 0x0a28  [ 2D648572BA9A610952FCAFBA1E119C2D, 4CD7E7D3C878DEF8CC18A925EAB1E0E8E8893BE99DA1E1F78FE9AD12EF1C48BC ] AtiHdmiService  C:\windows\system32\drivers\AtiHdmi.sys
22:02:52.0239 0x0a28  AtiHdmiService - ok
22:02:52.0489 0x0a28  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
22:02:52.0654 0x0a28  AudioEndpointBuilder - ok
22:02:52.0709 0x0a28  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\windows\System32\Audiosrv.dll
22:02:52.0769 0x0a28  AudioSrv - ok
22:02:52.0994 0x0a28  [ 73F5C13B431915BAE35254B4E95DFB71, 393A045859382C44133C004598B1512048046BCC129FED2247A77FDBFCDB6DFF ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:02:53.0024 0x0a28  avast! Antivirus - ok
22:02:53.0094 0x0a28  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll
22:02:53.0144 0x0a28  AxInstSV - ok
22:02:53.0214 0x0a28  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\windows\system32\DRIVERS\bxvbda.sys
22:02:53.0264 0x0a28  b06bdrv - ok
22:02:53.0334 0x0a28  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
22:02:53.0389 0x0a28  b57nd60a - ok
22:02:53.0459 0x0a28  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll
22:02:53.0519 0x0a28  BDESVC - ok
22:02:53.0549 0x0a28  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys
22:02:53.0619 0x0a28  Beep - ok
22:02:53.0739 0x0a28  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\windows\System32\bfe.dll
22:02:53.0774 0x0a28  BFE - ok
22:02:53.0949 0x0a28  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\System32\qmgr.dll
22:02:54.0079 0x0a28  BITS - ok
22:02:54.0129 0x0a28  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
22:02:54.0179 0x0a28  blbdrive - ok
22:02:54.0394 0x0a28  [ 2BBD2AB07D779278114BA6A694972F1A, 8E16856679AE4C25DA14CCFB8A93D5CA54E575D99D71A7D86CA47C85E73F5EF1 ] Bluetooth Device Manager C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
22:02:54.0574 0x0a28  Bluetooth Device Manager - ok
22:02:54.0634 0x0a28  [ 87D6A02028E47CA696C4294C658E3EE6, ADFB4C5BD98C5642C4C94D38F22606C4316EBEBA9A81D86F8B2AFB75E66DE58D ] Bluetooth Media Service C:\Program Files\Motorola\Bluetooth\audiosrv.exe
22:02:54.0744 0x0a28  Bluetooth Media Service - ok
22:02:54.0769 0x0a28  [ 9AF4B2CF2F98CF6157CDFD917AE5785B, 5E2D31FA0C08FF181FF4B763555DFBA91806F09564FF2CB3089B3CDB59FC9DB6 ] Bluetooth OBEX Service C:\Program Files\Motorola\Bluetooth\obexsrv.exe
22:02:54.0799 0x0a28  Bluetooth OBEX Service - ok
22:02:54.0889 0x0a28  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:02:54.0944 0x0a28  Bonjour Service - ok
22:02:54.0979 0x0a28  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
22:02:55.0024 0x0a28  bowser - ok
22:02:55.0094 0x0a28  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\DRIVERS\BrFiltLo.sys
22:02:55.0149 0x0a28  BrFiltLo - ok
22:02:55.0179 0x0a28  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\DRIVERS\BrFiltUp.sys
22:02:55.0229 0x0a28  BrFiltUp - ok
22:02:55.0299 0x0a28  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\windows\system32\DRIVERS\bridge.sys
22:02:55.0384 0x0a28  BridgeMP - ok
22:02:55.0469 0x0a28  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\windows\System32\browser.dll
22:02:55.0544 0x0a28  Browser - ok
22:02:55.0579 0x0a28  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\windows\System32\Drivers\Brserid.sys
22:02:55.0634 0x0a28  Brserid - ok
22:02:55.0664 0x0a28  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
22:02:55.0704 0x0a28  BrSerWdm - ok
22:02:55.0754 0x0a28  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
22:02:55.0834 0x0a28  BrUsbMdm - ok
22:02:55.0859 0x0a28  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
22:02:55.0879 0x0a28  BrUsbSer - ok
22:02:55.0949 0x0a28  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\windows\system32\drivers\BthEnum.sys
22:02:56.0059 0x0a28  BthEnum - ok
22:02:56.0089 0x0a28  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\DRIVERS\bthmodem.sys
22:02:56.0139 0x0a28  BTHMODEM - ok
22:02:56.0179 0x0a28  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
22:02:56.0239 0x0a28  BthPan - ok
22:02:56.0334 0x0a28  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
22:02:56.0399 0x0a28  BTHPORT - ok
22:02:56.0459 0x0a28  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\windows\system32\bthserv.dll
22:02:56.0574 0x0a28  bthserv - ok
22:02:56.0614 0x0a28  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
22:02:56.0639 0x0a28  BTHUSB - ok
22:02:56.0679 0x0a28  [ E588420B950DAC5AC397F76660BCE520, C688FDFBCED77624C36684521C03C966AC73D6A55355568B9767D4831F986C6B ] BTMCOM          C:\windows\system32\Drivers\btmcom.sys
22:02:56.0734 0x0a28  BTMCOM - ok
22:02:56.0924 0x0a28  [ 4EEF6B894E05FC245640DCEE9190A053, 01EE6D9B3D97DB447ACF2A6A4D65C6F50E40015F916092EC69941B85A71A3787 ] BTMUSB          C:\windows\system32\Drivers\btmusb.sys
22:02:57.0104 0x0a28  BTMUSB - ok
22:02:57.0239 0x0a28  [ 1F79342D9EB530A48742F651E570983A, 99E0B613C23FA8591E248DFA6FF2D3EE19E262BE6E070A0E43E256B69687017F ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
22:02:57.0349 0x0a28  c2cautoupdatesvc - ok
22:02:57.0435 0x0a28  [ E4938E0A376CF0B9D989EE5C0A146891, 9DF6AB5781CD60862D9664CA9A8AF0696A1FB6D09D804CD8DE9630F40DE59E90 ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
22:02:57.0515 0x0a28  c2cpnrsvc - ok
22:02:57.0555 0x0a28  catchme - ok
22:02:57.0595 0x0a28  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
22:02:57.0715 0x0a28  cdfs - ok
22:02:57.0880 0x0a28  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
22:02:57.0995 0x0a28  cdrom - ok
22:02:58.0075 0x0a28  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll
22:02:58.0180 0x0a28  CertPropSvc - ok
22:02:58.0215 0x0a28  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\DRIVERS\circlass.sys
22:02:58.0280 0x0a28  circlass - ok
22:02:58.0386 0x0a28  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\windows\system32\CLFS.sys
22:02:58.0451 0x0a28  CLFS - ok
22:02:58.0706 0x0a28  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:02:58.0736 0x0a28  clr_optimization_v2.0.50727_32 - ok
22:02:58.0821 0x0a28  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:02:58.0871 0x0a28  clr_optimization_v2.0.50727_64 - ok
22:02:58.0951 0x0a28  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:02:59.0206 0x0a28  clr_optimization_v4.0.30319_32 - ok
22:02:59.0226 0x0a28  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:02:59.0316 0x0a28  clr_optimization_v4.0.30319_64 - ok
22:02:59.0331 0x0a28  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
22:02:59.0381 0x0a28  CmBatt - ok
22:02:59.0426 0x0a28  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys
22:02:59.0441 0x0a28  cmdide - ok
22:02:59.0486 0x0a28  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\windows\system32\Drivers\cng.sys
22:02:59.0581 0x0a28  CNG - ok
22:02:59.0606 0x0a28  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\DRIVERS\compbatt.sys
22:02:59.0616 0x0a28  Compbatt - ok
22:02:59.0666 0x0a28  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\drivers\CompositeBus.sys
22:02:59.0726 0x0a28  CompositeBus - ok
22:02:59.0756 0x0a28  COMSysApp - ok
22:02:59.0781 0x0a28  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\DRIVERS\crcdisk.sys
22:02:59.0796 0x0a28  crcdisk - ok
22:02:59.0856 0x0a28  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\windows\system32\cryptsvc.dll
22:02:59.0896 0x0a28  CryptSvc - ok
22:03:00.0056 0x0a28  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\windows\system32\drivers\csc.sys
22:03:00.0241 0x0a28  CSC - ok
22:03:00.0306 0x0a28  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\windows\System32\cscsvc.dll
22:03:00.0431 0x0a28  CscService - ok
22:03:00.0736 0x0a28  [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
22:03:00.0811 0x0a28  cvhsvc - ok
22:03:00.0836 0x0a28  [ A8BA4DA23AC20BDA23CA15234D42A3FA, 951C59CD83F7D931EFE68CC950602834187E2225B11261C92F9E0DC0A6F5F544 ] DAMDrv          C:\windows\system32\DRIVERS\DAMDrv64.sys
22:03:00.0876 0x0a28  DAMDrv - ok
22:03:00.0971 0x0a28  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\windows\system32\rpcss.dll
22:03:01.0086 0x0a28  DcomLaunch - ok
22:03:01.0196 0x0a28  [ 0FD1090009949C58C86B40DD705D0F5D, C3B9B10A53B4D9678D7C71562BF3EAC3ED9293B5857D7266811C66B35907D747 ] DEBridge        c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
22:03:01.0311 0x0a28  DEBridge - detected UnsignedFile.Multi.Generic ( 1 )
22:03:04.0317 0x0a28  Detect skipped due to KSN trusted
22:03:04.0317 0x0a28  DEBridge - ok
22:03:04.0382 0x0a28  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll
22:03:04.0512 0x0a28  defragsvc - ok
22:03:04.0552 0x0a28  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\windows\system32\Drivers\dfsc.sys
22:03:04.0622 0x0a28  DfsC - ok
22:03:04.0682 0x0a28  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll
22:03:04.0762 0x0a28  Dhcp - ok
22:03:04.0802 0x0a28  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys
22:03:04.0852 0x0a28  discache - ok
22:03:04.0937 0x0a28  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\windows\system32\DRIVERS\disk.sys
22:03:04.0962 0x0a28  Disk - ok
22:03:04.0997 0x0a28  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll
22:03:05.0042 0x0a28  Dnscache - ok
22:03:05.0097 0x0a28  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll
22:03:05.0162 0x0a28  dot3svc - ok
22:03:05.0262 0x0a28  [ E0E65ED0985A28FB18128D6099E985C4, 19051EB2EA2338725ACC08222713F427FD2DB33458D229A0BA3CB5F412E4458F ] DpHost          C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
22:03:05.0302 0x0a28  DpHost - ok
22:03:05.0352 0x0a28  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll
22:03:05.0399 0x0a28  DPS - ok
22:03:05.0439 0x0a28  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
22:03:05.0504 0x0a28  drmkaud - ok
22:03:05.0729 0x0a28  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
22:03:05.0809 0x0a28  DXGKrnl - ok
22:03:05.0874 0x0a28  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll
22:03:05.0944 0x0a28  EapHost - ok
22:03:06.0259 0x0a28  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\DRIVERS\evbda.sys
22:03:06.0464 0x0a28  ebdrv - ok
22:03:06.0519 0x0a28  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\windows\System32\lsass.exe
22:03:06.0589 0x0a28  EFS - ok
22:03:06.0694 0x0a28  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
22:03:06.0784 0x0a28  ehRecvr - ok
22:03:06.0864 0x0a28  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe
22:03:06.0954 0x0a28  ehSched - ok
22:03:07.0014 0x0a28  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\DRIVERS\elxstor.sys
22:03:07.0054 0x0a28  elxstor - ok
22:03:07.0094 0x0a28  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys
22:03:07.0139 0x0a28  ErrDev - ok
22:03:07.0204 0x0a28  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll
22:03:07.0294 0x0a28  EventSystem - ok
22:03:07.0344 0x0a28  ew_hwusbdev - ok
22:03:07.0369 0x0a28  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\windows\system32\drivers\exfat.sys
22:03:07.0414 0x0a28  exfat - ok
22:03:07.0509 0x0a28  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\windows\system32\drivers\fastfat.sys
22:03:07.0579 0x0a28  fastfat - ok
22:03:07.0689 0x0a28  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\windows\system32\fxssvc.exe
22:03:07.0779 0x0a28  Fax - ok
22:03:07.0819 0x0a28  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\DRIVERS\fdc.sys
22:03:07.0864 0x0a28  fdc - ok
22:03:07.0914 0x0a28  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll
22:03:08.0004 0x0a28  fdPHost - ok
22:03:08.0039 0x0a28  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll
22:03:08.0079 0x0a28  FDResPub - ok
22:03:08.0114 0x0a28  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
22:03:08.0124 0x0a28  FileInfo - ok
22:03:08.0154 0x0a28  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
22:03:08.0219 0x0a28  Filetrace - ok
22:03:09.0169 0x0a28  [ 7E728680AA428506A82351D859C32C95, 20C5FC186E6779E88BFA6E18B98B3728AFA274BF105E9210A30FA647885F57B5 ] FLCDLOCK        c:\Windows\SysWOW64\flcdlock.exe
22:03:09.0229 0x0a28  FLCDLOCK - ok
22:03:09.0284 0x0a28  [ 3D9B36631032FDE0FFEA0DC0260E4E35, 48B574A67D3FA015EBD078715CEC3E2B63B939D379CD4B40BFBB80397A2C58B3 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
22:03:09.0354 0x0a28  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
22:03:12.0164 0x0a28  Detect skipped due to KSN trusted
22:03:12.0164 0x0a28  FLEXnet Licensing Service - ok
22:03:12.0254 0x0a28  [ 52C0312AB35EB7187015FB6A99136BB5, 54A45B0BF8108D018C86FD0542DA92E7A6F58CDB92C9E3674E115CD770031732 ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
22:03:12.0349 0x0a28  FLEXnet Licensing Service 64 - detected UnsignedFile.Multi.Generic ( 1 )
22:03:15.0425 0x0a28  Detect skipped due to KSN trusted
22:03:15.0430 0x0a28  FLEXnet Licensing Service 64 - ok
22:03:15.0490 0x0a28  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\DRIVERS\flpydisk.sys
22:03:15.0550 0x0a28  flpydisk - ok
22:03:15.0600 0x0a28  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
22:03:15.0635 0x0a28  FltMgr - ok
22:03:15.0735 0x0a28  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\windows\system32\FntCache.dll
22:03:15.0840 0x0a28  FontCache - ok
22:03:15.0935 0x0a28  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:03:15.0960 0x0a28  FontCache3.0.0.0 - ok
22:03:16.0080 0x0a28  [ 88FEB75E73EB62181FA47D2C76F3DAC9, A6CC59342E5F2284255F053D67E611EB02338421E8B27002323CC200F1DCEB95 ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
22:03:16.0120 0x0a28  Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 )
22:03:18.0995 0x0a28  Detect skipped due to KSN trusted
22:03:18.0995 0x0a28  Freemake Improver - ok
22:03:19.0095 0x0a28  [ F4FB2D0477F6FA3FA045BD59EC74CFBB, 2D0E4617E3873A898FB34244A458BF50C7B378E75A74006D7B3FD6483E6EFA22 ] FreemakeVideoCapture C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
22:03:19.0130 0x0a28  FreemakeVideoCapture - detected UnsignedFile.Multi.Generic ( 1 )
22:03:22.0095 0x0a28  Detect skipped due to KSN trusted
22:03:22.0095 0x0a28  FreemakeVideoCapture - ok
22:03:22.0115 0x0a28  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
22:03:22.0150 0x0a28  FsDepends - ok
22:03:22.0185 0x0a28  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
22:03:22.0205 0x0a28  Fs_Rec - ok
22:03:22.0265 0x0a28  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
22:03:22.0285 0x0a28  fvevol - ok
22:03:22.0310 0x0a28  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\DRIVERS\gagp30kx.sys
22:03:22.0360 0x0a28  gagp30kx - ok
22:03:22.0425 0x0a28  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys
22:03:22.0445 0x0a28  GEARAspiWDM - ok
22:03:22.0520 0x0a28  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\windows\System32\gpsvc.dll
22:03:22.0635 0x0a28  gpsvc - ok
22:03:22.0670 0x0a28  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
22:03:22.0715 0x0a28  hcw85cir - ok
22:03:22.0780 0x0a28  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
22:03:22.0860 0x0a28  HdAudAddService - ok
22:03:22.0945 0x0a28  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\drivers\HDAudBus.sys
22:03:23.0005 0x0a28  HDAudBus - ok
22:03:23.0055 0x0a28  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\windows\system32\DRIVERS\HECIx64.sys
22:03:23.0070 0x0a28  HECIx64 - ok
22:03:23.0090 0x0a28  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\DRIVERS\HidBatt.sys
22:03:23.0110 0x0a28  HidBatt - ok
22:03:23.0140 0x0a28  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\DRIVERS\hidbth.sys
22:03:23.0190 0x0a28  HidBth - ok
22:03:23.0225 0x0a28  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\DRIVERS\hidir.sys
22:03:23.0275 0x0a28  HidIr - ok
22:03:23.0315 0x0a28  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\System32\hidserv.dll
22:03:23.0370 0x0a28  hidserv - ok
22:03:23.0406 0x0a28  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\drivers\hidusb.sys
22:03:23.0421 0x0a28  HidUsb - ok
22:03:23.0466 0x0a28  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll
22:03:23.0506 0x0a28  hkmsvc - ok
22:03:23.0556 0x0a28  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
22:03:23.0641 0x0a28  HomeGroupListener - ok
22:03:23.0691 0x0a28  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
22:03:23.0721 0x0a28  HomeGroupProvider - ok
22:03:23.0771 0x0a28  [ A094A4096AD7A90E2D790B590D3CBFD4, 7A40DD979EC99EF506DEA003DECAECA90F226E6EE946E1BACB2E8CB44B30407F ] HP Power Assistant Service C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
22:03:23.0786 0x0a28  HP Power Assistant Service - ok
22:03:23.0831 0x0a28  [ 657E81DF0625198C97F91C09AE9611FC, F9D35B68FE8130C1061E7A7D1439154F763328F298265C014BFA2B482A7D005D ] HP ProtectTools Service C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
22:03:23.0881 0x0a28  HP ProtectTools Service - detected UnsignedFile.Multi.Generic ( 1 )
22:03:26.0711 0x0a28  Detect skipped due to KSN trusted
22:03:26.0711 0x0a28  HP ProtectTools Service - ok
22:03:26.0771 0x0a28  [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
22:03:26.0786 0x0a28  HP Support Assistant Service - detected UnsignedFile.Multi.Generic ( 1 )
22:03:29.0602 0x0a28  Detect skipped due to KSN trusted
22:03:29.0607 0x0a28  HP Support Assistant Service - ok
22:03:29.0652 0x0a28  [ 58CC11D14D88EF70EF7ABBC75B5EEBD8, 769FAE57F3BDF81890976DA51FB9C89D520653E5D0072A6DB98C7B8FACD54E87 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
22:03:29.0677 0x0a28  HP Wireless Assistant Service - ok
22:03:29.0727 0x0a28  [ 94C74D758E0F7B1D962DA452B4D28C91, F7E8F0C4895C50E25C4E6073BE008099D8BC9F1AA1298C53EC2561B00D8EC2B9 ] HPDayStarterService c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
22:03:29.0767 0x0a28  HPDayStarterService - detected UnsignedFile.Multi.Generic ( 1 )
22:03:32.0672 0x0a28  Detect skipped due to KSN trusted
22:03:32.0672 0x0a28  HPDayStarterService - ok
22:03:32.0767 0x0a28  [ 33761EBD9A26DE33BC83DD2DAFEC4513, F1A397D6B72F998A64B8BBAA292C13E8354D2C1BE14B7C46840A512AA3BE1770 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
22:03:32.0807 0x0a28  HPDrvMntSvc.exe - ok
22:03:32.0827 0x0a28  [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt        C:\windows\system32\DRIVERS\hpdskflt.sys
22:03:32.0847 0x0a28  hpdskflt - ok
22:03:32.0872 0x0a28  [ 393383FE7F577B4A111B44445716FCB3, 649C6C265CE3284E483E7E92E389B6CE05ACFB835A8D9F9AD2CA719943FEF201 ] HpFkCryptService c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
22:03:32.0892 0x0a28  HpFkCryptService - ok
22:03:32.0922 0x0a28  [ C9D858E20AE696E7A0D9A05B595F850A, 7ECBEC97E26D89EA18E44F6F4469154F79D664BDB96E7AE451959D9E1F839B3D ] HPFSService     C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
22:03:32.0967 0x0a28  HPFSService - detected UnsignedFile.Multi.Generic ( 1 )
22:03:35.0782 0x0a28  Detect skipped due to KSN trusted
22:03:35.0782 0x0a28  HPFSService - ok
22:03:35.0862 0x0a28  [ 120C1CEB5E45DB0A04416242BD6C1E3E, 0229D67D6D98DFAEC105AD0CDE4C4A0E11B7E41C8372B863148DDF2AE3355BA7 ] hpHotkeyMonitor C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
22:03:35.0907 0x0a28  hpHotkeyMonitor - ok
22:03:35.0937 0x0a28  [ B98EE5D4535A685634B90F7E04DE0DF7, E37D26EF83B70E84742498D2F53037F83BE13F0E01484D85A20C872F1F02ADDA ] HpqKbFiltr      C:\windows\system32\DRIVERS\HpqKbFiltr.sys
22:03:35.0957 0x0a28  HpqKbFiltr - ok
22:03:36.0002 0x0a28  [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
22:03:36.0052 0x0a28  hpqwmiex - ok
22:03:36.0112 0x0a28  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
22:03:36.0137 0x0a28  HpSAMD - ok
22:03:36.0177 0x0a28  [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv           C:\windows\system32\Hpservice.exe
22:03:36.0197 0x0a28  hpsrv - ok
22:03:36.0292 0x0a28  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\windows\system32\drivers\HTTP.sys
22:03:36.0397 0x0a28  HTTP - ok
22:03:36.0428 0x0a28  huawei_cdcacm - ok
22:03:36.0453 0x0a28  huawei_enumerator - ok
22:03:36.0483 0x0a28  [ CF0AD2F002AFB65460FEC4699F90BA10, F02CABC077DA12C02AC8EC6EDB4434063F5F01973CB0AA7700A707C92CAEF7D9 ] hwdatacard      C:\windows\system32\DRIVERS\ewusbmdm.sys
22:03:36.0523 0x0a28  hwdatacard - ok
22:03:36.0568 0x0a28  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
22:03:36.0583 0x0a28  hwpolicy - ok
22:03:36.0663 0x0a28  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\drivers\i8042prt.sys
22:03:36.0703 0x0a28  i8042prt - ok
22:03:36.0768 0x0a28  [ ABBF174CB394F5C437410A788B7E404A, 95554F675329E7062F0936E4E902FEFF2456CAD95D6C9B60DCC213EF6E4C62D8 ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
22:03:36.0788 0x0a28  iaStor - ok
22:03:36.0853 0x0a28  [ 31A0E93CDF29007D6C6FFFB632F375ED, CA464928E9868B9A09C324DBBC8DA41A01C5C486B43578FC695250D523DE555B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:03:36.0903 0x0a28  IAStorDataMgrSvc - ok
22:03:36.0988 0x0a28  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
22:03:37.0028 0x0a28  iaStorV - ok
22:03:37.0118 0x0a28  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:03:37.0168 0x0a28  idsvc - ok
22:03:37.0198 0x0a28  IEEtwCollectorService - ok
22:03:37.0223 0x0a28  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\DRIVERS\iirsp.sys
22:03:37.0238 0x0a28  iirsp - ok
22:03:37.0338 0x0a28  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\windows\System32\ikeext.dll
22:03:37.0458 0x0a28  IKEEXT - ok
22:03:37.0518 0x0a28  [ 4B6363CD4610BB848531BB260B15DFCC, 13A8AA9571497086341AC00797EFF212FF76EE62F9CFF758D3C08B377EC7BF04 ] Impcd           C:\windows\system32\DRIVERS\Impcd.sys
22:03:37.0558 0x0a28  Impcd - ok
22:03:37.0613 0x0a28  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys
22:03:37.0628 0x0a28  intelide - ok
22:03:37.0658 0x0a28  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
22:03:37.0713 0x0a28  intelppm - ok
22:03:37.0768 0x0a28  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll
22:03:37.0858 0x0a28  IPBusEnum - ok
22:03:37.0908 0x0a28  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
22:03:37.0978 0x0a28  IpFilterDriver - ok
22:03:38.0048 0x0a28  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
22:03:38.0133 0x0a28  iphlpsvc - ok
22:03:38.0178 0x0a28  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
22:03:38.0208 0x0a28  IPMIDRV - ok
22:03:38.0248 0x0a28  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys
22:03:38.0308 0x0a28  IPNAT - ok
22:03:38.0433 0x0a28  [ 635F7587F7576AA14871B850EB95BFB8, 75CB8F4D511964BB9104E93EF31D2DDF1227DACE1EDB9DE25AE9719835B6C34B ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
22:03:38.0483 0x0a28  iPod Service - ok
22:03:38.0523 0x0a28  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys
22:03:38.0578 0x0a28  IRENUM - ok
22:03:38.0618 0x0a28  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys
22:03:38.0658 0x0a28  isapnp - ok
22:03:38.0703 0x0a28  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
22:03:38.0723 0x0a28  iScsiPrt - ok
22:03:38.0748 0x0a28  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\drivers\kbdclass.sys
22:03:38.0763 0x0a28  kbdclass - ok
22:03:38.0813 0x0a28  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\drivers\kbdhid.sys
22:03:38.0858 0x0a28  kbdhid - ok
22:03:38.0903 0x0a28  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\windows\system32\lsass.exe
22:03:38.0923 0x0a28  KeyIso - ok
22:03:38.0933 0x0a28  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
22:03:38.0948 0x0a28  KSecDD - ok
22:03:39.0003 0x0a28  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
22:03:39.0018 0x0a28  KSecPkg - ok
22:03:39.0038 0x0a28  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
22:03:39.0123 0x0a28  ksthunk - ok
22:03:39.0168 0x0a28  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll
22:03:39.0273 0x0a28  KtmRm - ok
22:03:39.0318 0x0a28  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\System32\srvsvc.dll
22:03:39.0418 0x0a28  LanmanServer - ok
22:03:39.0458 0x0a28  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
22:03:39.0548 0x0a28  LanmanWorkstation - ok
22:03:39.0593 0x0a28  [ 83D8BE94E1CBCBE2EA8372DB1A95A159, 28D18C7B93EFB6C83023D39A54489DDE98DE578AFCC06DD0712D00DE7CD48968 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
22:03:39.0648 0x0a28  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
22:03:42.0658 0x0a28  Detect skipped due to KSN trusted
22:03:42.0658 0x0a28  LightScribeService - ok
22:03:42.0688 0x0a28  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
22:03:42.0733 0x0a28  lltdio - ok
22:03:42.0763 0x0a28  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\windows\System32\lltdsvc.dll
22:03:42.0813 0x0a28  lltdsvc - ok
22:03:42.0833 0x0a28  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\windows\System32\lmhsvc.dll
22:03:42.0893 0x0a28  lmhosts - ok
22:03:42.0958 0x0a28  [ BB4E55778D8DE3885E1CDAC795DE7BCE, 5917F1E686E8CB5144AAC28CAD4135C517D4248804AEA289AD95B2B23A111E79 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:03:43.0003 0x0a28  LMS - ok
22:03:43.0038 0x0a28  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\windows\system32\DRIVERS\lsi_fc.sys
22:03:43.0058 0x0a28  LSI_FC - ok
22:03:43.0078 0x0a28  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\windows\system32\DRIVERS\lsi_sas.sys
22:03:43.0093 0x0a28  LSI_SAS - ok
22:03:43.0113 0x0a28  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\windows\system32\DRIVERS\lsi_sas2.sys
22:03:43.0123 0x0a28  LSI_SAS2 - ok
22:03:43.0143 0x0a28  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\windows\system32\DRIVERS\lsi_scsi.sys
22:03:43.0158 0x0a28  LSI_SCSI - ok
22:03:43.0193 0x0a28  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\windows\system32\drivers\luafv.sys
22:03:43.0258 0x0a28  luafv - ok
22:03:43.0343 0x0a28  [ 9D9ED48F841EA37AA5310D54B9E5D3C7, 147DBEBE08A49486F91B30DE3606AC3B7D765DA751DF6880FA5A2D8FBAA2E2A2 ] mbamchameleon   C:\windows\system32\drivers\mbamchameleon.sys
22:03:43.0368 0x0a28  mbamchameleon - ok
22:03:43.0408 0x0a28  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
22:03:43.0433 0x0a28  Mcx2Svc - ok
22:03:43.0438 0x0a28  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\windows\system32\DRIVERS\megasas.sys
22:03:43.0448 0x0a28  megasas - ok
22:03:43.0473 0x0a28  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\windows\system32\DRIVERS\MegaSR.sys
22:03:43.0493 0x0a28  MegaSR - ok
22:03:43.0573 0x0a28  Microsoft SharePoint Workspace Audit Service - ok
22:03:43.0613 0x0a28  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\windows\system32\mmcss.dll
22:03:43.0708 0x0a28  MMCSS - ok
22:03:43.0748 0x0a28  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\windows\system32\drivers\modem.sys
22:03:43.0843 0x0a28  Modem - ok
22:03:43.0878 0x0a28  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
22:03:43.0918 0x0a28  monitor - ok
22:03:43.0993 0x0a28  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
22:03:44.0018 0x0a28  mouclass - ok
22:03:44.0048 0x0a28  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
22:03:44.0103 0x0a28  mouhid - ok
22:03:44.0153 0x0a28  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
22:03:44.0183 0x0a28  mountmgr - ok
22:03:44.0278 0x0a28  [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:03:44.0303 0x0a28  MozillaMaintenance - ok
22:03:44.0348 0x0a28  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\windows\system32\drivers\mpio.sys
22:03:44.0373 0x0a28  mpio - ok
22:03:44.0398 0x0a28  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
22:03:44.0438 0x0a28  mpsdrv - ok
22:03:44.0533 0x0a28  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\windows\system32\mpssvc.dll
22:03:44.0638 0x0a28  MpsSvc - ok
22:03:44.0678 0x0a28  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
22:03:44.0738 0x0a28  MRxDAV - ok
22:03:44.0803 0x0a28  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
22:03:44.0858 0x0a28  mrxsmb - ok
22:03:44.0913 0x0a28  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
22:03:45.0008 0x0a28  mrxsmb10 - ok
22:03:45.0048 0x0a28  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
22:03:45.0103 0x0a28  mrxsmb20 - ok
22:03:45.0128 0x0a28  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\windows\system32\drivers\msahci.sys
22:03:45.0148 0x0a28  msahci - ok
22:03:45.0208 0x0a28  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\windows\system32\drivers\msdsm.sys
22:03:45.0243 0x0a28  msdsm - ok
22:03:45.0273 0x0a28  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\windows\System32\msdtc.exe
22:03:45.0323 0x0a28  MSDTC - ok
22:03:45.0373 0x0a28  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\windows\system32\drivers\Msfs.sys
22:03:45.0513 0x0a28  Msfs - ok
22:03:45.0533 0x0a28  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
22:03:45.0598 0x0a28  mshidkmdf - ok
22:03:45.0633 0x0a28  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
22:03:45.0643 0x0a28  msisadrv - ok
22:03:45.0668 0x0a28  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
22:03:45.0748 0x0a28  MSiSCSI - ok
22:03:45.0753 0x0a28  msiserver - ok
22:03:45.0783 0x0a28  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
22:03:45.0848 0x0a28  MSKSSRV - ok
22:03:45.0878 0x0a28  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
22:03:45.0983 0x0a28  MSPCLOCK - ok
22:03:46.0013 0x0a28  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
22:03:46.0078 0x0a28  MSPQM - ok
22:03:46.0128 0x0a28  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
22:03:46.0158 0x0a28  MsRPC - ok
22:03:46.0203 0x0a28  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\windows\system32\drivers\mssmbios.sys
22:03:46.0223 0x0a28  mssmbios - ok
22:03:46.0238 0x0a28  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
22:03:46.0308 0x0a28  MSTEE - ok
22:03:46.0338 0x0a28  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\windows\system32\DRIVERS\MTConfig.sys
22:03:46.0378 0x0a28  MTConfig - ok
22:03:46.0424 0x0a28  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\windows\system32\Drivers\mup.sys
22:03:46.0474 0x0a28  Mup - ok
22:03:46.0524 0x0a28  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\windows\system32\qagentRT.dll
22:03:46.0589 0x0a28  napagent - ok
22:03:46.0624 0x0a28  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
22:03:46.0679 0x0a28  NativeWifiP - ok
22:03:46.0754 0x0a28  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\windows\system32\drivers\ndis.sys
22:03:46.0804 0x0a28  NDIS - ok
22:03:46.0819 0x0a28  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
22:03:46.0859 0x0a28  NdisCap - ok
22:03:46.0874 0x0a28  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
22:03:46.0979 0x0a28  NdisTapi - ok
22:03:47.0029 0x0a28  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
22:03:47.0094 0x0a28  Ndisuio - ok
22:03:47.0129 0x0a28  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
22:03:47.0214 0x0a28  NdisWan - ok
22:03:47.0254 0x0a28  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
22:03:47.0319 0x0a28  NDProxy - ok
22:03:47.0354 0x0a28  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
22:03:47.0394 0x0a28  NetBIOS - ok
22:03:47.0449 0x0a28  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
22:03:47.0549 0x0a28  NetBT - ok
22:03:47.0584 0x0a28  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\windows\system32\lsass.exe
22:03:47.0634 0x0a28  Netlogon - ok
22:03:47.0689 0x0a28  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\windows\System32\netman.dll
22:03:47.0784 0x0a28  Netman - ok
22:03:47.0874 0x0a28  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:03:47.0954 0x0a28  NetMsmqActivator - ok
22:03:47.0984 0x0a28  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:03:47.0999 0x0a28  NetPipeActivator - ok
22:03:48.0029 0x0a28  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\windows\System32\netprofm.dll
22:03:48.0114 0x0a28  netprofm - ok
22:03:48.0264 0x0a28  [ 2EED549279D7FBD10B846B5397573967, 4F7EBB6C1AC58D1EFFA7A86AC799137FC88F5CCA3AC27E563B4EE2AF1EAE4ECC ] netr28x         C:\windows\system32\DRIVERS\netr28x.sys
22:03:48.0459 0x0a28  netr28x - ok
22:03:48.0484 0x0a28  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:03:48.0504 0x0a28  NetTcpActivator - ok
22:03:48.0514 0x0a28  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:03:48.0529 0x0a28  NetTcpPortSharing - ok
22:03:48.0559 0x0a28  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\windows\system32\DRIVERS\nfrd960.sys
22:03:48.0574 0x0a28  nfrd960 - ok
22:03:48.0634 0x0a28  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\windows\System32\nlasvc.dll
22:03:48.0684 0x0a28  NlaSvc - ok
22:03:48.0734 0x0a28  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\windows\system32\drivers\Npfs.sys
22:03:48.0774 0x0a28  Npfs - ok
22:03:48.0809 0x0a28  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\windows\system32\nsisvc.dll
22:03:48.0884 0x0a28  nsi - ok
22:03:48.0909 0x0a28  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
22:03:48.0994 0x0a28  nsiproxy - ok
22:03:49.0104 0x0a28  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
22:03:49.0179 0x0a28  Ntfs - ok
22:03:49.0194 0x0a28  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\windows\system32\drivers\Null.sys
22:03:49.0259 0x0a28  Null - ok
22:03:49.0309 0x0a28  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\windows\system32\drivers\nvraid.sys
22:03:49.0339 0x0a28  nvraid - ok
22:03:49.0354 0x0a28  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\windows\system32\drivers\nvstor.sys
22:03:49.0369 0x0a28  nvstor - ok
22:03:49.0419 0x0a28  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
22:03:49.0439 0x0a28  nv_agp - ok
22:03:49.0489 0x0a28  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
22:03:49.0534 0x0a28  ohci1394 - ok
22:03:49.0629 0x0a28  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:03:49.0649 0x0a28  ose - ok
22:03:49.0874 0x0a28  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:03:50.0094 0x0a28  osppsvc - ok
22:03:50.0134 0x0a28  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
22:03:50.0199 0x0a28  p2pimsvc - ok
22:03:50.0239 0x0a28  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\windows\system32\p2psvc.dll
22:03:50.0304 0x0a28  p2psvc - ok
22:03:50.0344 0x0a28  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\windows\system32\DRIVERS\parport.sys
22:03:50.0364 0x0a28  Parport - ok
22:03:50.0414 0x0a28  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\windows\system32\drivers\partmgr.sys
22:03:50.0434 0x0a28  partmgr - ok
22:03:50.0444 0x0a28  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\windows\System32\pcasvc.dll
22:03:50.0474 0x0a28  PcaSvc - ok
22:03:50.0524 0x0a28  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\windows\system32\drivers\pci.sys
22:03:50.0544 0x0a28  pci - ok
22:03:50.0569 0x0a28  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\windows\system32\drivers\pciide.sys
22:03:50.0579 0x0a28  pciide - ok
22:03:50.0609 0x0a28  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\windows\system32\DRIVERS\pcmcia.sys
22:03:50.0629 0x0a28  pcmcia - ok
22:03:50.0654 0x0a28  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\windows\system32\drivers\pcw.sys
22:03:50.0669 0x0a28  pcw - ok
22:03:50.0704 0x0a28  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\windows\system32\drivers\peauth.sys
22:03:50.0814 0x0a28  PEAUTH - ok
22:03:50.0909 0x0a28  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\windows\system32\peerdistsvc.dll
22:03:50.0979 0x0a28  PeerDistSvc - ok
22:03:51.0054 0x0a28  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\windows\SysWow64\perfhost.exe
22:03:51.0109 0x0a28  PerfHost - ok
22:03:51.0204 0x0a28  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\windows\system32\pla.dll
22:03:51.0324 0x0a28  pla - ok
22:03:51.0404 0x0a28  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
22:03:51.0469 0x0a28  PlugPlay - ok
22:03:51.0509 0x0a28  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
22:03:51.0529 0x0a28  PNRPAutoReg - ok
22:03:51.0549 0x0a28  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
22:03:51.0574 0x0a28  PNRPsvc - ok
22:03:51.0634 0x0a28  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
22:03:51.0714 0x0a28  PolicyAgent - ok
22:03:51.0779 0x0a28  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\windows\system32\umpo.dll
22:03:51.0894 0x0a28  Power - ok
22:03:51.0974 0x0a28  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
22:03:52.0054 0x0a28  PptpMiniport - ok
22:03:52.0084 0x0a28  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\windows\system32\DRIVERS\processr.sys
22:03:52.0134 0x0a28  Processor - ok
22:03:52.0199 0x0a28  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\windows\system32\profsvc.dll
22:03:52.0244 0x0a28  ProfSvc - ok
22:03:52.0259 0x0a28  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\windows\system32\lsass.exe
22:03:52.0279 0x0a28  ProtectedStorage - ok
22:03:52.0289 0x0a28  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
22:03:52.0359 0x0a28  Psched - ok
22:03:52.0424 0x0a28  [ DD3FD48D69F5FBBB21D46D1514C1C2DB, 2B188E3AC4BD9B608D375DD550507717852C2AF7C0F99FFED90098999B9D4F01 ] PSI             C:\windows\system32\DRIVERS\psi_mf_amd64.sys
22:03:52.0439 0x0a28  PSI - ok
22:03:52.0509 0x0a28  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\windows\system32\DRIVERS\ql2300.sys
22:03:52.0574 0x0a28  ql2300 - ok
22:03:52.0614 0x0a28  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\windows\system32\DRIVERS\ql40xx.sys
22:03:52.0634 0x0a28  ql40xx - ok
22:03:52.0659 0x0a28  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\windows\system32\qwave.dll
22:03:52.0689 0x0a28  QWAVE - ok
22:03:52.0714 0x0a28  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
22:03:52.0759 0x0a28  QWAVEdrv - ok
22:03:52.0794 0x0a28  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
22:03:52.0829 0x0a28  RasAcd - ok
22:03:53.0149 0x0a28  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
22:03:53.0224 0x0a28  RasAgileVpn - ok
22:03:53.0259 0x0a28  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\windows\System32\rasauto.dll
22:03:53.0334 0x0a28  RasAuto - ok
22:03:53.0374 0x0a28  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
22:03:53.0444 0x0a28  Rasl2tp - ok
22:03:53.0484 0x0a28  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\windows\System32\rasmans.dll
22:03:53.0569 0x0a28  RasMan - ok
22:03:53.0604 0x0a28  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
22:03:53.0674 0x0a28  RasPppoe - ok
22:03:53.0709 0x0a28  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
22:03:53.0784 0x0a28  RasSstp - ok
22:03:53.0824 0x0a28  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
22:03:53.0899 0x0a28  rdbss - ok
22:03:53.0939 0x0a28  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\windows\system32\DRIVERS\rdpbus.sys
22:03:53.0959 0x0a28  rdpbus - ok
22:03:53.0969 0x0a28  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
22:03:54.0034 0x0a28  RDPCDD - ok
22:03:54.0084 0x0a28  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\windows\system32\drivers\rdpdr.sys
22:03:54.0164 0x0a28  RDPDR - ok
22:03:54.0189 0x0a28  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
22:03:54.0274 0x0a28  RDPENCDD - ok
22:03:54.0299 0x0a28  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
22:03:54.0344 0x0a28  RDPREFMP - ok
22:03:54.0409 0x0a28  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
22:03:54.0464 0x0a28  RdpVideoMiniport - ok
22:03:54.0514 0x0a28  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
22:03:54.0559 0x0a28  RDPWD - ok
22:03:54.0619 0x0a28  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
22:03:54.0639 0x0a28  rdyboost - ok
22:03:54.0664 0x0a28  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\windows\System32\mprdim.dll
22:03:54.0734 0x0a28  RemoteAccess - ok
22:03:54.0779 0x0a28  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\windows\system32\regsvc.dll
22:03:54.0829 0x0a28  RemoteRegistry - ok
22:03:54.0879 0x0a28  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys
22:03:54.0929 0x0a28  RFCOMM - ok
22:03:54.0964 0x0a28  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
22:03:55.0059 0x0a28  RpcEptMapper - ok
22:03:55.0094 0x0a28  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\windows\system32\locator.exe
22:03:55.0139 0x0a28  RpcLocator - ok
22:03:55.0199 0x0a28  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\windows\system32\rpcss.dll
22:03:55.0254 0x0a28  RpcSs - ok
22:03:55.0279 0x0a28  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
22:03:55.0344 0x0a28  rspndr - ok
22:03:55.0409 0x0a28  [ 30F463768D5143BFD7B2DF822B53CF4D, 3DD94DDF95086C7C2A83617B499627C04D020BF9F230C0F080B169CB846F796F ] RSUSBSTOR       C:\windows\system32\Drivers\RtsUStor.sys
22:03:55.0429 0x0a28  RSUSBSTOR - ok
22:03:55.0454 0x0a28  [ ECBAB4CD65CBEDBE26EC6838E4FB7C1C, 8286107274E8A0F77F536B7986ADCC050A326E8F2D39194503A0EB6AD7096EEC ] RsvLock         C:\windows\system32\drivers\RsvLock.sys
22:03:55.0469 0x0a28  RsvLock - ok
22:03:55.0494 0x0a28  [ FD978B2BF8A9B2390DCBEF435E9C1F9F, 52CFFE354006CCF087D3651D9D2AF201FD8A8FE8FB7D9CAAC8A527E91838ACE6 ] RTL8167         C:\windows\system32\DRIVERS\Rt64win7.sys
22:03:55.0579 0x0a28  RTL8167 - ok
22:03:55.0619 0x0a28  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\windows\system32\drivers\vms3cap.sys
22:03:55.0654 0x0a28  s3cap - ok
22:03:55.0674 0x0a28  [ 317A99735C3A26C5CD60AB59E5E7E4E2, 92155F1C5757DEBB135B68F910A975162F02269B420D53A8F7F78206793231B9 ] SafeBoot        C:\windows\system32\drivers\SafeBoot.sys
22:03:55.0674 0x0a28  Suspicious file ( NoAccess ): C:\windows\system32\drivers\SafeBoot.sys. md5: 317A99735C3A26C5CD60AB59E5E7E4E2, sha256: 92155F1C5757DEBB135B68F910A975162F02269B420D53A8F7F78206793231B9
22:03:55.0674 0x0a28  SafeBoot - detected LockedFile.Multi.Generic ( 1 )
22:03:58.0515 0x0a28  Detect skipped due to KSN trusted
22:03:58.0515 0x0a28  SafeBoot - ok
22:03:58.0530 0x0a28  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\windows\system32\lsass.exe
22:03:58.0565 0x0a28  SamSs - ok
22:03:58.0575 0x0a28  [ FD8714A36C4646DE22DDC7E36F6D09EF, DA91F0360B7869897D1BC9F24A3473D429B3C6E4605CBD675CDC96F30661C7C5 ] SbAlg           C:\windows\system32\drivers\SbAlg.sys
22:03:58.0590 0x0a28  SbAlg - ok
22:03:58.0605 0x0a28  [ FCAA034231E58B0DE64D0A7904015535, ED8DFACD2C398E0756C30160741680EEEC15B7BDF3B6F5BD0B0E32FB10E6EB99 ] SbFsLock        C:\windows\system32\drivers\SbFsLock.sys
22:03:58.0620 0x0a28  SbFsLock - ok
22:03:58.0665 0x0a28  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
22:03:58.0680 0x0a28  sbp2port - ok
22:03:58.0705 0x0a28  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\windows\System32\SCardSvr.dll
22:03:58.0795 0x0a28  SCardSvr - ok
22:03:58.0840 0x0a28  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
22:03:58.0905 0x0a28  scfilter - ok
22:03:58.0975 0x0a28  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\windows\system32\schedsvc.dll
22:03:59.0090 0x0a28  Schedule - ok
22:03:59.0130 0x0a28  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\windows\System32\certprop.dll
22:03:59.0170 0x0a28  SCPolicySvc - ok
22:03:59.0225 0x0a28  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\windows\system32\drivers\sdbus.sys
22:03:59.0305 0x0a28  sdbus - ok
22:03:59.0345 0x0a28  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\windows\System32\SDRSVC.dll
22:03:59.0410 0x0a28  SDRSVC - ok
22:03:59.0440 0x0a28  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
22:03:59.0515 0x0a28  secdrv - ok
22:03:59.0545 0x0a28  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\windows\system32\seclogon.dll
22:03:59.0610 0x0a28  seclogon - ok
22:03:59.0830 0x0a28  [ 398A81D590424441B2F5C5C08073CADB, 1E064DFCC49EB0D8A4150276BF796B9DFA030C451570A170EC940F8CBAAD80F3 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
22:03:59.0920 0x0a28  Secunia PSI Agent - ok
22:03:59.0955 0x0a28  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\windows\system32\sens.dll
22:04:00.0025 0x0a28  SENS - ok
22:04:00.0060 0x0a28  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\windows\system32\sensrsvc.dll
22:04:00.0105 0x0a28  SensrSvc - ok
22:04:00.0140 0x0a28  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\windows\system32\DRIVERS\serenum.sys
22:04:00.0155 0x0a28  Serenum - ok
22:04:00.0180 0x0a28  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\windows\system32\DRIVERS\serial.sys
22:04:00.0225 0x0a28  Serial - ok
22:04:00.0290 0x0a28  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\windows\system32\DRIVERS\sermouse.sys
22:04:00.0335 0x0a28  sermouse - ok
22:04:00.0385 0x0a28  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\windows\system32\sessenv.dll
22:04:00.0445 0x0a28  SessionEnv - ok
22:04:00.0491 0x0a28  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
22:04:00.0506 0x0a28  sffdisk - ok
22:04:00.0521 0x0a28  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
22:04:00.0536 0x0a28  sffp_mmc - ok
22:04:00.0541 0x0a28  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
22:04:00.0586 0x0a28  sffp_sd - ok
22:04:00.0621 0x0a28  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\windows\system32\DRIVERS\sfloppy.sys
22:04:00.0666 0x0a28  sfloppy - ok
22:04:00.0791 0x0a28  [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs           C:\windows\system32\DRIVERS\Sftfslh.sys
22:04:00.0836 0x0a28  Sftfs - ok
22:04:00.0941 0x0a28  [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
22:04:00.0991 0x0a28  sftlist - ok
22:04:01.0011 0x0a28  [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay         C:\windows\system32\DRIVERS\Sftplaylh.sys
22:04:01.0036 0x0a28  Sftplay - ok
22:04:01.0051 0x0a28  [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir        C:\windows\system32\DRIVERS\Sftredirlh.sys
22:04:01.0061 0x0a28  Sftredir - ok
22:04:01.0071 0x0a28  [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol          C:\windows\system32\DRIVERS\Sftvollh.sys
22:04:01.0081 0x0a28  Sftvol - ok
22:04:01.0126 0x0a28  [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
22:04:01.0146 0x0a28  sftvsa - ok
22:04:01.0191 0x0a28  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\windows\System32\ipnathlp.dll
22:04:01.0281 0x0a28  SharedAccess - ok
22:04:01.0326 0x0a28  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
22:04:01.0411 0x0a28  ShellHWDetection - ok
22:04:01.0461 0x0a28  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\windows\system32\DRIVERS\SiSRaid2.sys
22:04:01.0476 0x0a28  SiSRaid2 - ok
22:04:01.0491 0x0a28  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\windows\system32\DRIVERS\sisraid4.sys
22:04:01.0511 0x0a28  SiSRaid4 - ok
22:04:01.0536 0x0a28  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\windows\system32\DRIVERS\smb.sys
22:04:01.0611 0x0a28  Smb - ok
22:04:01.0656 0x0a28  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
22:04:01.0686 0x0a28  SNMPTRAP - ok
22:04:01.0801 0x0a28  [ 6FC63B4B19FB809336034D5C5C4D2BC0, A3713383FD874A42B312F08568C854C0B93203EF21611EE64F37FC3F169C7A5D ] SNP2UVC         C:\windows\system32\DRIVERS\snp2uvc.sys
22:04:01.0876 0x0a28  SNP2UVC - ok
22:04:01.0891 0x0a28  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\windows\system32\drivers\spldr.sys
22:04:01.0906 0x0a28  spldr - ok
22:04:01.0966 0x0a28  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\windows\System32\spoolsv.exe
22:04:02.0011 0x0a28  Spooler - ok
22:04:02.0186 0x0a28  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe
22:04:02.0426 0x0a28  sppsvc - ok
22:04:02.0467 0x0a28  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\windows\system32\sppuinotify.dll
22:04:02.0537 0x0a28  sppuinotify - ok
22:04:02.0587 0x0a28  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\windows\system32\DRIVERS\srv.sys
22:04:02.0627 0x0a28  srv - ok
22:04:02.0647 0x0a28  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
22:04:02.0707 0x0a28  srv2 - ok
22:04:02.0742 0x0a28  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
22:04:02.0762 0x0a28  srvnet - ok
22:04:02.0777 0x0a28  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
22:04:02.0827 0x0a28  SSDPSRV - ok
22:04:02.0842 0x0a28  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\windows\system32\sstpsvc.dll
22:04:02.0882 0x0a28  SstpSvc - ok
22:04:02.0957 0x0a28  [ F8807AAF697E1D20C9D7716A4941E574, A75EC77F4999699562446922FD633347FBB1B61E2A5E049AC9ED3ED2290648F4 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
22:04:03.0012 0x0a28  STacSV - ok
22:04:03.0037 0x0a28  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\windows\system32\DRIVERS\stexstor.sys
22:04:03.0052 0x0a28  stexstor - ok
22:04:03.0102 0x0a28  [ 96DF19A03D37F8568141612D31F0D035, 767FE2E1EC78CBC472C9F494515D966607AB9E556E3C5F2C77A034D1C4148207 ] STHDA           C:\windows\system32\DRIVERS\stwrt64.sys
22:04:03.0172 0x0a28  STHDA - ok
22:04:03.0262 0x0a28  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\windows\System32\wiaservc.dll
22:04:03.0317 0x0a28  stisvc - ok
22:04:03.0372 0x0a28  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\windows\system32\drivers\vmstorfl.sys
22:04:03.0402 0x0a28  storflt - ok
22:04:03.0422 0x0a28  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\windows\system32\storsvc.dll
22:04:03.0462 0x0a28  StorSvc - ok
22:04:03.0507 0x0a28  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\windows\system32\drivers\storvsc.sys
22:04:03.0532 0x0a28  storvsc - ok
22:04:03.0577 0x0a28  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\windows\system32\drivers\swenum.sys
22:04:03.0597 0x0a28  swenum - ok
22:04:03.0637 0x0a28  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\windows\System32\swprv.dll
22:04:03.0732 0x0a28  swprv - ok
22:04:03.0802 0x0a28  [ D268D2A0DB2A2BBE963E688D0B039267, DBEF7A1E1E015825E4C2BD80FE3D468E8A6840A44027381CDD4B96605D2FC12A ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys
22:04:03.0862 0x0a28  SynTP - ok
22:04:03.0987 0x0a28  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\windows\system32\sysmain.dll
22:04:04.0112 0x0a28  SysMain - ok
22:04:04.0152 0x0a28  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
22:04:04.0207 0x0a28  TabletInputService - ok
22:04:04.0257 0x0a28  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\windows\System32\tapisrv.dll
22:04:04.0352 0x0a28  TapiSrv - ok
22:04:04.0382 0x0a28  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\windows\System32\tbssvc.dll
22:04:04.0477 0x0a28  TBS - ok
22:04:04.0587 0x0a28  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
22:04:04.0667 0x0a28  Tcpip - ok
22:04:04.0732 0x0a28  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
22:04:04.0787 0x0a28  TCPIP6 - ok
22:04:04.0837 0x0a28  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
22:04:04.0927 0x0a28  tcpipreg - ok
22:04:04.0947 0x0a28  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
22:04:04.0992 0x0a28  TDPIPE - ok
22:04:05.0042 0x0a28  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
22:04:05.0097 0x0a28  TDTCP - ok
22:04:05.0137 0x0a28  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
22:04:05.0217 0x0a28  tdx - ok
22:04:05.0262 0x0a28  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\windows\system32\drivers\termdd.sys
22:04:05.0277 0x0a28  TermDD - ok
22:04:05.0347 0x0a28  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\windows\System32\termsrv.dll
22:04:05.0447 0x0a28  TermService - ok
22:04:05.0498 0x0a28  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\windows\system32\themeservice.dll
22:04:05.0523 0x0a28  Themes - ok
22:04:05.0543 0x0a28  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\windows\system32\mmcss.dll
22:04:05.0583 0x0a28  THREADORDER - ok
22:04:05.0603 0x0a28  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\windows\system32\drivers\tpm.sys
22:04:05.0643 0x0a28  TPM - ok
22:04:05.0673 0x0a28  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\windows\System32\trkwks.dll
22:04:05.0748 0x0a28  TrkWks - ok
22:04:05.0838 0x0a28  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
22:04:05.0928 0x0a28  TrustedInstaller - ok
22:04:05.0963 0x0a28  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
22:04:06.0003 0x0a28  tssecsrv - ok
22:04:06.0038 0x0a28  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
22:04:06.0058 0x0a28  TsUsbFlt - ok
22:04:06.0103 0x0a28  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
22:04:06.0178 0x0a28  tunnel - ok
22:04:06.0263 0x0a28  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\windows\system32\DRIVERS\uagp35.sys
22:04:06.0278 0x0a28  uagp35 - ok
22:04:06.0323 0x0a28  [ 9EEA84226ED2A028BC3FDFDDE03FE95C, 5DF9428D0B2078CD0C391B0721117C989D680E78A2B8D54DAA9662B1894F772A ] uArcCapture     C:\windows\system\uArcCapture.exe
22:04:06.0358 0x0a28  uArcCapture - ok
22:04:06.0388 0x0a28  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
22:04:06.0448 0x0a28  udfs - ok
22:04:06.0483 0x0a28  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\windows\system32\UI0Detect.exe
22:04:06.0528 0x0a28  UI0Detect - ok
22:04:06.0573 0x0a28  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
22:04:06.0588 0x0a28  uliagpkx - ok
22:04:06.0638 0x0a28  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\windows\system32\DRIVERS\umbus.sys
22:04:06.0658 0x0a28  umbus - ok
22:04:06.0683 0x0a28  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\windows\system32\DRIVERS\umpass.sys
22:04:06.0723 0x0a28  UmPass - ok
22:04:06.0773 0x0a28  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\windows\System32\umrdp.dll
22:04:06.0868 0x0a28  UmRdpService - ok
22:04:07.0013 0x0a28  [ 44AA8D5D3B3B5610FEF46CA8A9C52D8C, 5BEDCAB90084D570394B6C209E9F0DAB32468FF11548479480E985059B78CE6E ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:04:07.0103 0x0a28  UNS - ok
22:04:07.0143 0x0a28  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\windows\System32\upnphost.dll
22:04:07.0228 0x0a28  upnphost - ok
22:04:07.0278 0x0a28  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\windows\system32\Drivers\usbaapl64.sys
22:04:07.0313 0x0a28  USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
22:04:10.0289 0x0a28  Detect skipped due to KSN trusted
22:04:10.0289 0x0a28  USBAAPL64 - ok
22:04:10.0319 0x0a28  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
22:04:10.0354 0x0a28  usbccgp - ok
22:04:10.0404 0x0a28  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\windows\system32\drivers\usbcir.sys
22:04:10.0449 0x0a28  usbcir - ok
22:04:10.0489 0x0a28  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\windows\system32\drivers\usbehci.sys
22:04:10.0509 0x0a28  usbehci - ok
22:04:10.0564 0x0a28  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
22:04:10.0624 0x0a28  usbhub - ok
22:04:10.0659 0x0a28  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\windows\system32\drivers\usbohci.sys
22:04:10.0704 0x0a28  usbohci - ok
22:04:10.0744 0x0a28  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
22:04:10.0799 0x0a28  usbprint - ok
22:04:10.0839 0x0a28  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
22:04:10.0879 0x0a28  USBSTOR - ok
22:04:10.0919 0x0a28  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
22:04:10.0959 0x0a28  usbuhci - ok
22:04:11.0034 0x0a28  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
22:04:11.0089 0x0a28  usbvideo - ok
22:04:11.0129 0x0a28  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\windows\System32\uxsms.dll
22:04:11.0179 0x0a28  UxSms - ok
22:04:11.0189 0x0a28  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\windows\system32\lsass.exe
22:04:11.0204 0x0a28  VaultSvc - ok
22:04:11.0309 0x0a28  [ BBE2B5036D2FF45458C747FB2513591D, 22A2E672E9EF5F39BB9E75D54B6AD83E6C63C5126E3C4D7BD02777F3DE39F505 ] vcsFPService    C:\windows\system32\vcsFPService.exe
22:04:11.0394 0x0a28  vcsFPService - ok
22:04:11.0419 0x0a28  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
22:04:11.0429 0x0a28  vdrvroot - ok
22:04:11.0504 0x0a28  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\windows\System32\vds.exe
22:04:11.0599 0x0a28  vds - ok
22:04:11.0639 0x0a28  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
22:04:11.0664 0x0a28  vga - ok
22:04:11.0724 0x0a28  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\windows\System32\drivers\vga.sys
22:04:11.0814 0x0a28  VgaSave - ok
22:04:11.0864 0x0a28  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
22:04:11.0894 0x0a28  vhdmp - ok
22:04:11.0919 0x0a28  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys
22:04:11.0929 0x0a28  viaide - ok
22:04:11.0984 0x0a28  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\windows\system32\drivers\vmbus.sys
22:04:12.0024 0x0a28  vmbus - ok
22:04:12.0044 0x0a28  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\windows\system32\drivers\VMBusHID.sys
22:04:12.0119 0x0a28  VMBusHID - ok
22:04:12.0174 0x0a28  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys
22:04:12.0189 0x0a28  volmgr - ok
22:04:12.0244 0x0a28  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
22:04:12.0279 0x0a28  volmgrx - ok
22:04:12.0294 0x0a28  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\windows\system32\drivers\volsnap.sys
22:04:12.0314 0x0a28  volsnap - ok
22:04:12.0359 0x0a28  [ B4A73CA4EF9A02B9738CEA9AD5FE5917, B6A8086189FE2F1C3FE5B3F484FBA3DB2E5E1836F3154D30090F136C27D16166 ] vpcbus          C:\windows\system32\DRIVERS\vpchbus.sys
22:04:12.0374 0x0a28  vpcbus - ok
22:04:12.0434 0x0a28  [ E675FB2B48C54F09895482E2253B289C, 68BBFBF2356C849722E429CA753CC309A3CCE8CF00EBDBBD2695ECD292324DF2 ] vpcnfltr        C:\windows\system32\DRIVERS\vpcnfltr.sys
22:04:12.0489 0x0a28  vpcnfltr - ok
22:04:12.0519 0x0a28  [ 5FB42082B0D19A0268705F1DD343DF20, 62F8EEE6A507CE6A8BD638020118D71B78332F79BA82654AB702AE46B04767D9 ] vpcusb          C:\windows\system32\DRIVERS\vpcusb.sys
22:04:12.0569 0x0a28  vpcusb - ok
22:04:12.0659 0x0a28  [ 207B6539799CC1C112661A9B620DD233, 6B915CC7F77C867516D94865D7BF2E5C815402EF0A4488C3EB2FEF7CFA6C98F6 ] vpcvmm          C:\windows\system32\drivers\vpcvmm.sys
22:04:12.0699 0x0a28  vpcvmm - ok
22:04:12.0779 0x0a28  [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva           C:\windows\system32\DRIVERS\vpnva64-6.sys
22:04:12.0799 0x0a28  vpnva - ok
22:04:12.0884 0x0a28  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\windows\system32\DRIVERS\vsmraid.sys
22:04:12.0929 0x0a28  vsmraid - ok
22:04:13.0019 0x0a28  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\windows\system32\vssvc.exe
22:04:13.0149 0x0a28  VSS - ok
22:04:13.0189 0x0a28  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
22:04:13.0234 0x0a28  vwifibus - ok
22:04:13.0269 0x0a28  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
22:04:13.0319 0x0a28  vwififlt - ok
22:04:13.0359 0x0a28  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\windows\system32\w32time.dll
22:04:13.0424 0x0a28  W32Time - ok
22:04:13.0439 0x0a28  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\DRIVERS\wacompen.sys
22:04:13.0484 0x0a28  WacomPen - ok
22:04:13.0559 0x0a28  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
22:04:13.0624 0x0a28  WANARP - ok
22:04:13.0649 0x0a28  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
22:04:13.0694 0x0a28  Wanarpv6 - ok
22:04:13.0794 0x0a28  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe
22:04:13.0854 0x0a28  WatAdminSvc - ok
22:04:13.0939 0x0a28  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\windows\system32\wbengine.exe
22:04:14.0019 0x0a28  wbengine - ok
22:04:14.0039 0x0a28  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
22:04:14.0094 0x0a28  WbioSrvc - ok
22:04:14.0139 0x0a28  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\windows\System32\wcncsvc.dll
22:04:14.0214 0x0a28  wcncsvc - ok
22:04:14.0239 0x0a28  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
22:04:14.0259 0x0a28  WcsPlugInService - ok
22:04:14.0294 0x0a28  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\windows\system32\DRIVERS\wd.sys
22:04:14.0314 0x0a28  Wd - ok
22:04:14.0389 0x0a28  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
22:04:14.0444 0x0a28  Wdf01000 - ok
22:04:14.0474 0x0a28  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\windows\system32\wdi.dll
22:04:14.0499 0x0a28  WdiServiceHost - ok
22:04:14.0504 0x0a28  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\windows\system32\wdi.dll
22:04:14.0524 0x0a28  WdiSystemHost - ok
22:04:14.0579 0x0a28  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\windows\System32\webclnt.dll
22:04:14.0664 0x0a28  WebClient - ok
22:04:14.0689 0x0a28  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\windows\system32\wecsvc.dll
22:04:14.0784 0x0a28  Wecsvc - ok
22:04:14.0814 0x0a28  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\windows\System32\wercplsupport.dll
22:04:14.0889 0x0a28  wercplsupport - ok
22:04:14.0949 0x0a28  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\windows\System32\WerSvc.dll
22:04:15.0029 0x0a28  WerSvc - ok
22:04:15.0079 0x0a28  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
22:04:15.0129 0x0a28  WfpLwf - ok
22:04:15.0144 0x0a28  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
22:04:15.0164 0x0a28  WIMMount - ok
22:04:15.0189 0x0a28  WinDefend - ok
22:04:15.0194 0x0a28  WinHttpAutoProxySvc - ok
22:04:15.0249 0x0a28  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
22:04:15.0334 0x0a28  Winmgmt - ok
22:04:15.0434 0x0a28  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\windows\system32\WsmSvc.dll
22:04:15.0559 0x0a28  WinRM - ok
22:04:15.0624 0x0a28  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB          C:\windows\system32\DRIVERS\WinUSB.sys
22:04:15.0674 0x0a28  WinUSB - ok
22:04:15.0734 0x0a28  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\windows\System32\wlansvc.dll
22:04:15.0829 0x0a28  Wlansvc - ok
22:04:15.0974 0x0a28  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:04:16.0059 0x0a28  wlidsvc - ok
22:04:16.0114 0x0a28  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys
22:04:16.0159 0x0a28  WmiAcpi - ok
22:04:16.0209 0x0a28  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
22:04:16.0294 0x0a28  wmiApSrv - ok
22:04:16.0324 0x0a28  WMPNetworkSvc - ok
22:04:16.0339 0x0a28  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\windows\System32\wpcsvc.dll
22:04:16.0389 0x0a28  WPCSvc - ok
22:04:16.0429 0x0a28  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
22:04:16.0459 0x0a28  WPDBusEnum - ok
22:04:16.0654 0x0a28  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
22:04:16.0734 0x0a28  ws2ifsl - ok
22:04:16.0814 0x0a28  [ ADD2FE1A9F4EE41A6D724819550D4E1F, EE8320496D611F6D264AC21684EACB5DC6F9DD82E055726073C7782D0993AFB3 ] WsAudio_Device  C:\windows\system32\drivers\VirtualAudio.sys
22:04:16.0839 0x0a28  WsAudio_Device - ok
22:04:16.0864 0x0a28  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\windows\system32\wscsvc.dll
22:04:16.0929 0x0a28  wscsvc - ok
22:04:16.0969 0x0a28  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\windows\system32\DRIVERS\WSDPrint.sys
22:04:17.0024 0x0a28  WSDPrintDevice - ok
22:04:17.0049 0x0a28  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\windows\system32\DRIVERS\WSDScan.sys
22:04:17.0094 0x0a28  WSDScan - ok
22:04:17.0099 0x0a28  WSearch - ok
22:04:17.0234 0x0a28  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\windows\system32\wuaueng.dll
22:04:17.0344 0x0a28  wuauserv - ok
22:04:17.0394 0x0a28  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
22:04:17.0454 0x0a28  WudfPf - ok
22:04:17.0489 0x0a28  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
22:04:17.0569 0x0a28  WUDFRd - ok
22:04:17.0614 0x0a28  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
22:04:17.0654 0x0a28  wudfsvc - ok
22:04:17.0714 0x0a28  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\windows\System32\wwansvc.dll
22:04:17.0754 0x0a28  WwanSvc - ok
22:04:17.0779 0x0a28  ================ Scan global ===============================
22:04:17.0794 0x0a28  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
22:04:17.0854 0x0a28  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
22:04:17.0889 0x0a28  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
22:04:17.0924 0x0a28  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
22:04:17.0949 0x0a28  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
22:04:17.0974 0x0a28  [ Global ] - ok
22:04:17.0974 0x0a28  ================ Scan MBR ==================================
22:04:17.0989 0x0a28  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:04:18.0429 0x0a28  \Device\Harddisk0\DR0 - ok
22:04:18.0444 0x0a28  [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk1\DR1
22:04:18.0695 0x0a28  \Device\Harddisk1\DR1 - ok
22:04:18.0700 0x0a28  ================ Scan VBR ==================================
22:04:18.0700 0x0a28  [ 79C1C5CC833DA34F40CDB1C3F98319C4 ] \Device\Harddisk0\DR0\Partition1
22:04:18.0725 0x0a28  \Device\Harddisk0\DR0\Partition1 - ok
22:04:18.0735 0x0a28  [ 0B1291BCDCD7FFC378F98CA6960778AB ] \Device\Harddisk0\DR0\Partition2
22:04:18.0735 0x0a28  \Device\Harddisk0\DR0\Partition2 - ok
22:04:18.0740 0x0a28  [ 78C09BA2571FA95B708CF99524C313DD ] \Device\Harddisk0\DR0\Partition3
22:04:18.0740 0x0a28  \Device\Harddisk0\DR0\Partition3 - ok
22:04:18.0745 0x0a28  [ 5FB0824018A061E30965A68DE0179D5D ] \Device\Harddisk0\DR0\Partition4
22:04:18.0745 0x0a28  \Device\Harddisk0\DR0\Partition4 - ok
22:04:18.0755 0x0a28  [ C2ADD4A9BA8FB727689C71EAD596958A ] \Device\Harddisk1\DR1\Partition1
22:04:18.0755 0x0a28  \Device\Harddisk1\DR1\Partition1 - ok
22:04:18.0755 0x0a28  ================ Scan generic autorun ======================
22:04:18.0865 0x0a28  [ C50207A6452A2F0FBD725B1F3EF78FF1, BA64464AFC016F76276E26341A9DC7E509E5963D7B6D47685AA8627B2A963157 ] C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
22:04:18.0940 0x0a28  HPPowerAssistant - ok
22:04:18.0940 0x0a28  SynTPEnh - ok
22:04:18.0960 0x0a28  [ A0ABBAD8CE99CBF8467D697073B38E87, C71F58580D93F0B78BDA735DA6201A6F1BDA36CC9F72D15B4E6DD62D6C3A43D0 ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
22:04:18.0985 0x0a28  HPWirelessAssistant - detected UnsignedFile.Multi.Generic ( 1 )
22:04:21.0821 0x0a28  Detect skipped due to KSN trusted
22:04:21.0821 0x0a28  HPWirelessAssistant - ok
22:04:21.0826 0x0a28  BTMTrayAgent - ok
22:04:21.0881 0x0a28  [ 63DF58EA2963E8C6ABDBBA45B7273C39, 5B154C8CF4EA8196D33FB4FC1BA2C7C4197FFD552A7874B8E723497DADBDB2EA ] C:\Program Files\IDT\WDM\sttray64.exe
22:04:21.0941 0x0a28  SysTrayApp - ok
22:04:21.0971 0x0a28  [ 84E2CE935472C7DCF003300B65A6D6E4, 91011CE480F250B6B83F0A576CA2A71D7C25B38F2F297E3880A86BC4EA93B6CD ] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
22:04:21.0986 0x0a28  QLBController - ok
22:04:21.0991 0x0a28  Waiting for KSN requests completion. In queue: 72
22:04:22.0991 0x0a28  Waiting for KSN requests completion. In queue: 72
22:04:23.0991 0x0a28  Waiting for KSN requests completion. In queue: 72
22:04:25.0201 0x0a28  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x41000 ( enabled : updated )
22:04:25.0216 0x0a28  Win FW state via NFP2: enabled
22:04:28.0047 0x0a28  ============================================================
22:04:28.0047 0x0a28  Scan finished
22:04:28.0047 0x0a28  ============================================================
22:04:28.0062 0x0b0c  Detected object count: 0
22:04:28.0062 0x0b0c  Actual detected object count: 0

Windows 7, 64bit: Computer stürzt permanent ab, MBAM funktioniert nicht

Log-Analyse und Auswertung: Windows 7, 64bit: Computer stürzt permanent ab, MBAM funktioniert nicht