Pests of all kinds and how to fight them: Unknown upload (Windows 7)
02.10.2014, 10:43 | #1 |
Unknown upload

Hello everyone, unfortunately I have caught something. I have a 16,000 DSL line, but recently I noticed that my download speed is too low, barely half, sometimes even less. I have now tested my line with another computer and everything runs normally there, so I must have infected my main computer. The usual tools find nothing, so I have now run a scan with Farbar Recovery Scan Tool; the logs are attached. Thanks for your help, you do great work here. I have been following it for a long time, but now I need help myself for the first time.

Best regards,
krampf

FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-10-2014 01
Ran by Sebastian (administrator) on SEBASTIAN-PC on 02-10-2014 11:36:51
Running from C:\Users\Sebastian\Downloads
Loaded Profile: Sebastian (Available profiles: Sebastian)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Namtuk.com) C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
() C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(LG Electronics) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TODO: <Company name>) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64App.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\LG Electronics\Screen Split\bin\DDCCI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [374784 2014-01-09] (shbox.de)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-06-04] (Geek Software GmbH)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-08-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1666432 2014-09-22] (Simply Super Software)
HKLM-x32\...\RunOnce: [EasyTuneVI] => C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe [40960 2012-07-09] ()
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [ScreenSplitter] => C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe [695296 2013-07-24] (LG Electronics)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [AEM] => C:\Program Files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe [1721128 2014-07-16] (Namtuk.com)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [GoogleChromeAutoLaunch_678E52C622D3FEC81C940F43ECEEEB26] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-23] (Google Inc.)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\RunOnce: [Uninstall C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64"
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCC7BE164C723CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

Chrome:
=======
CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-06-29]
CHR Extension: (Google Drive) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-29]
CHR Extension: (Google Search) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-29]
CHR Extension: (AdBlock) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-29]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2014-06-29]
CHR Extension: (Google Wallet) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-07]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2014-06-29]
CHR Extension: (Gmail) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-29]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AEM Service5; C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe [334848 2014-07-16] (Namtuk.com) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-08-12] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [File not signed]
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738344 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.2.0; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [225504 2014-03-28] (AppEx Networks Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [88376 2013-03-18] (Motorola Solutions, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1385272 2013-08-08] (Motorola Solutions, Inc.)
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-04-29] (Echobit, LLC)
R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-10-02] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-02-12] (REALiX(tm))
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [114632 2013-08-28] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw02.sys [3599840 2013-10-14] (Intel Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 cpuz136; \??\C:\Users\SEBAST~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 getbus; \??\C:\Users\SEBAST~1\AppData\Local\Temp\getbus.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-02 11:36 - 2014-10-02 11:37 - 00021497 _____ () C:\Users\Sebastian\Downloads\FRST.txt
2014-10-02 11:36 - 2014-10-02 11:36 - 00000000 ____D () C:\FRST
2014-10-02 11:35 - 2014-10-02 11:35 - 02108928 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64.exe
2014-09-30 19:25 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 19:25 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-30 19:21 - 2014-10-02 11:31 - 00000004 _____ () C:\Windows\SysWOW64\GVTunner.ref
2014-09-28 13:58 - 2014-09-28 13:59 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\TrafficMonitor
2014-09-28 13:58 - 2014-09-28 13:58 - 00000000 ____D () C:\ProgramData\TrafficMonitor
2014-09-28 13:57 - 2014-09-28 13:57 - 03469477 _____ () C:\Users\Sebastian\Downloads\trafficmsw.zip
2014-09-27 22:04 - 2014-09-27 22:04 - 00540302 _____ () C:\Users\Sebastian\Downloads\SeaGiant.zip
2014-09-24 17:09 - 2014-09-24 17:10 - 00000000 ____D () C:\Users\Sebastian\Desktop\SmartCC
2014-09-24 17:09 - 2014-09-24 17:09 - 01027788 _____ () C:\Users\Sebastian\Downloads\sb-v3.7z
2014-09-24 08:44 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 08:44 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 21:18 - 2014-09-23 21:22 - 18656495 _____ () C:\Users\Sebastian\Downloads\nightly (1).zip
2014-09-23 20:17 - 2014-09-23 20:17 - 00000000 ____D () C:\Users\Sebastian\Downloads\Postversand
2014-09-23 20:16 - 2014-09-23 20:16 - 01644283 _____ () C:\Users\Sebastian\Downloads\Postversand.zip
2014-09-23 20:03 - 2014-09-23 20:40 - 00036864 _____ () C:\Users\Sebastian\Downloads\Airline Mailing Address.xls
2014-09-22 20:41 - 2014-09-22 20:41 - 02324917 _____ () C:\Users\Sebastian\Downloads\crashcrawlerv8.zip
2014-09-22 18:47 - 2014-10-01 20:53 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-22 18:47 - 2014-09-22 18:47 - 00000000 ____D () C:\ProgramData\Licenses
2014-09-22 18:44 - 2014-09-22 18:45 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2014-09-22 18:44 - 2014-09-22 18:44 - 00000000 ____D () C:\Users\Sebastian\Documents\Simply Super Software
2014-09-22 18:44 - 2014-09-22 18:44 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Simply Super Software
2014-09-22 18:44 - 2014-09-22 18:44 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-09-22 18:44 - 2014-09-22 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2014-09-22 18:43 - 2014-09-22 18:43 - 21407864 _____ (Simply Super Software ) C:\Users\Sebastian\Downloads\trjsetup690.exe
2014-09-22 15:04 - 2014-09-22 15:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-22 15:04 - 2014-09-22 15:04 - 00004698 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-22 15:04 - 2014-09-22 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-22 15:03 - 2014-09-22 15:03 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-22 15:03 - 2014-09-22 15:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-09-22 15:03 - 2014-09-22 15:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-22 15:03 - 2014-09-22 15:03 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-09-22 15:03 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-22 15:03 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-22 15:03 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-22 14:58 - 2014-09-22 14:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sebastian\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-22 14:02 - 2014-09-29 16:05 - 00000000 ____D () C:\Users\Sebastian\Desktop\HC 30
2014-09-22 14:02 - 2014-09-22 14:02 - 18656495 _____ () C:\Users\Sebastian\Downloads\nightly.zip
2014-09-20 12:32 - 2014-09-20 12:32 - 02320830 _____ () C:\Users\Sebastian\Downloads\CrashCrawlerV6.zip
2014-09-18 22:37 - 2014-09-18 22:37 - 00093734 _____ () C:\Users\Sebastian\Downloads\Compensation claim 1.jpeg
2014-09-18 22:37 - 2014-09-18 22:37 - 00082970 _____ () C:\Users\Sebastian\Downloads\Compensation claim 1 1.jpeg
2014-09-18 22:37 - 2014-09-18 22:37 - 00074757 _____ () C:\Users\Sebastian\Downloads\Compensation claim .jpeg
2014-09-18 22:29 - 2014-09-18 22:29 - 00082829 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris 2.jpeg
2014-09-18 22:29 - 2014-09-18 22:29 - 00075826 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris .jpeg
2014-09-18 22:28 - 2014-09-18 22:28 - 00096815 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris 1.jpeg
2014-09-18 01:04 - 2014-09-18 01:04 - 00002613 _____ () C:\Users\Sebastian\Downloads\BR.ALT-Robin.Schulz.and.Alligatoah-Willst.Du-WEB-DE-2014-VOiCE.torrent
2014-09-14 23:19 - 2014-09-14 23:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-09-14 23:18 - 2014-09-14 23:19 - 06057862 _____ (Tim Kosse) C:\Users\Sebastian\Downloads\FileZilla_3.9.0.5_win32-setup.exe
2014-09-13 21:16 - 2014-09-13 21:16 - 00763575 _____ () C:\Users\Sebastian\Downloads\ArenaValue.1.0.5.0.zip
2014-09-13 13:50 - 2014-10-02 11:30 - 00012166 _____ () C:\Windows\PFRO.log
2014-09-12 19:47 - 2014-09-25 19:17 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-12 19:47 - 2014-09-12 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-12 19:40 - 2014-09-12 19:40 - 00000000 ____D () C:\ProgramData\ATI
2014-09-12 19:39 - 2014-09-12 19:39 - 00067608 _____ () C:\Windows\SysWOW64\CCCInstall_201409121939038099.log
2014-09-12 19:39 - 2014-09-12 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
2014-09-12 19:39 - 2014-09-12 19:39 - 00000000 ____D () C:\Program Files\AMD Quick Stream
2014-09-12 19:39 - 2014-09-12 19:39 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-09-12 19:38 - 2014-09-12 19:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-09-12 19:38 - 2014-02-16 18:23 - 00060640 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys
2014-09-12 19:37 - 2014-09-12 19:38 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-09-12 19:28 - 2014-10-02 11:30 - 00002567 _____ () C:\Windows\setupact.log
2014-09-12 19:28 - 2014-09-12 19:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-12 19:07 - 2014-09-12 19:13 - 283056096 _____ (AMD Inc.) C:\Users\Sebastian\Downloads\amd-catalyst-desktop-apus-win8.1-win7-64bit.exe
2014-09-12 19:06 - 2014-09-12 19:06 - 00891224 _____ (AMD) C:\Users\Sebastian\Downloads\amddriverdownloader (1).exe
2014-09-12 19:04 - 2014-09-12 19:04 - 00002780 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-09-12 19:04 - 2014-09-12 19:04 - 00000832 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-12 19:04 - 2014-09-12 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-12 19:04 - 2014-09-12 19:04 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-12 18:59 - 2014-09-12 18:59 - 00060572 _____ () C:\Windows\SysWOW64\CCCInstall_201409121859531251.log
2014-09-12 18:56 - 2014-09-12 18:57 - 03826912 _____ (Piriform Ltd) C:\Users\Sebastian\Downloads\ccsetup417_slim.exe
2014-09-11 00:43 - 2014-09-11 00:43 - 02524469 _____ () C:\Users\Sebastian\Downloads\reund.html
2014-09-10 23:28 - 2014-09-10 23:28 - 00009891 _____ () C:\Users\Sebastian\Downloads\BR.ALT-Stromberg.Der.Film.German.720p.BluRay.x264-EXQUiSiTE.torrent
2014-09-10 22:42 - 2014-09-07 17:57 - 00022990 _____ () C:\Users\Sebastian\Documents\SEPA%2003.09.2014.xlsx_0.ods
2014-09-10 20:50 - 2014-09-10 20:50 - 00061410 _____ () C:\Users\Sebastian\Downloads\BR.ALT-Under.the.Dome.S01.COMPLETE.GERMAN.DUBBED.WebHDRiP.XviD-SOF.torrent
2014-09-10 20:49 - 2014-09-10 20:49 - 00053292 _____ () C:\Users\Sebastian\Downloads\BR.ALT-Homeland.S03.COMPLETE.GERMAN.DUBBED.WebHDRiP.x264-SOF.torrent
2014-09-10 03:04 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 03:04 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 03:04 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 03:04 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 03:04 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 03:04 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 03:04 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 03:04 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 03:04 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 03:04 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 03:04 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 03:04 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 03:04 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 03:04 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 03:04 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 03:04 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 03:04 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 03:04 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 03:04 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 03:04 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 03:04 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 03:04 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 03:04 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 03:04 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 03:04 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 03:04 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 03:04 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 03:04 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 03:04 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 03:04 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 03:04 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 03:04 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 03:04 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 03:04 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-09-10 03:04 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-09-10 03:04 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-09-10 03:04 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-09-10 03:04 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-09-10 03:04 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-09-10 03:04 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-09-10 03:04 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-09-10 03:04 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-10 03:04 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-09-10 03:04 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-09-10 03:04 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-09-10 03:04 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-09-10 03:04 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-09-10 03:04 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-09-10 03:04 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-09-10 03:04 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-09-10 03:04 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 
2014-09-10 03:04 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-09-10 03:04 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-09-10 03:04 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-09-10 03:04 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-09-10 03:03 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-09-10 03:00 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-09-10 03:00 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-09-10 00:57 - 2014-09-10 00:57 - 00881127 _____ () C:\Users\Sebastian\Downloads\DragonCC4.2.rar 2014-09-09 21:42 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-09-09 21:42 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-09-09 21:41 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-09-09 21:41 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-09-09 21:40 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-09-09 21:40 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-09-09 21:40 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-09-09 21:40 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-09-09 21:40 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-09-09 21:40 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-09-09 21:40 - 
2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-09-07 13:30 - 2014-09-07 13:30 - 00898243 _____ () C:\Users\Sebastian\Downloads\DragonCC3-4.rar 2014-09-07 13:24 - 2014-09-07 13:24 - 00890795 _____ () C:\Users\Sebastian\Downloads\DragonCC4 (1).rar 2014-09-07 13:22 - 2014-09-20 12:38 - 00000000 ____D () C:\Users\Sebastian\Desktop\HC 2014-09-06 12:06 - 2014-09-06 12:06 - 00890795 _____ () C:\Users\Sebastian\Downloads\DragonCC4.rar 2014-09-05 21:41 - 2014-09-05 21:41 - 00076689 _____ () C:\Users\Sebastian\Downloads\Leverage-Staffel05-Folge13-15@www.torrent.to.torrent 2014-09-02 19:25 - 2014-09-02 19:25 - 00000237 _____ () C:\Users\Sebastian\Downloads\PayPal 01.09.2014.csv ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-02 11:35 - 2011-04-12 09:43 - 00701996 _____ () C:\Windows\system32\perfh007.dat 2014-10-02 11:35 - 2011-04-12 09:43 - 00150662 _____ () C:\Windows\system32\perfc007.dat 2014-10-02 11:35 - 2009-07-14 07:13 - 01628294 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-10-02 11:34 - 2014-02-07 07:26 - 01942614 _____ () C:\Windows\WindowsUpdate.log 2014-10-02 11:31 - 2014-02-22 13:05 - 00000000 ____D () C:\ProgramData\VMware 2014-10-02 11:31 - 2014-02-12 21:34 - 00030528 _____ () C:\Windows\GVTDrv64.sys 2014-10-02 11:31 - 2014-02-12 21:34 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys 2014-10-02 11:31 - 2014-02-07 02:23 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys 2014-10-02 11:30 - 2014-07-30 22:45 - 00005310 _____ () C:\Windows\system32\debug.log 2014-10-02 11:30 - 2014-02-07 07:42 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-02 11:30 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-02 02:14 - 2014-07-20 16:22 - 00065536 _____ () C:\Windows\system32\spu_storage.bin 2014-10-02 02:14 - 2014-02-07 
07:42 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-02 01:42 - 2014-04-29 17:58 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-02 01:41 - 2014-03-19 23:02 - 00000000 ____D () C:\Users\Sebastian\Desktop\Rechnungen refund.me 2014-10-02 01:00 - 2014-02-12 20:44 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\PMB Files 2014-10-02 01:00 - 2014-02-12 20:44 - 00000000 ____D () C:\ProgramData\PMB Files 2014-10-02 00:33 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-02 00:33 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-02 00:21 - 2014-02-07 01:37 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Battle.net 2014-10-02 00:01 - 2014-02-11 21:43 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Skype 2014-10-01 00:56 - 2014-02-07 18:56 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-09-30 22:54 - 2014-02-07 18:22 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\netz 2014-09-30 01:55 - 2014-02-08 11:14 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\uTorrent 2014-09-28 01:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-09-25 19:06 - 2014-06-13 19:59 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-09-24 16:42 - 2014-04-29 17:58 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-24 16:42 - 2014-04-29 17:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-24 16:42 - 2014-04-29 17:58 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-23 09:56 - 2014-02-07 19:00 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2014-09-23 02:59 - 2014-05-16 00:29 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler 2014-09-23 02:59 - 2014-03-05 
23:29 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\HpUpdate 2014-09-23 02:59 - 2014-02-22 02:30 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm 2014-09-22 18:20 - 2014-08-30 12:43 - 00000000 ____D () C:\Users\Sebastian\Downloads\latest (1) 2014-09-22 18:20 - 2014-08-08 16:25 - 00000000 ____D () C:\Users\Sebastian\Downloads\latest 2014-09-22 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME 2014-09-22 15:05 - 2014-05-15 12:50 - 00000000 ____D () C:\ProgramData\Oracle 2014-09-22 15:04 - 2014-05-15 12:49 - 00000000 ____D () C:\Program Files (x86)\Java 2014-09-22 13:56 - 2014-02-18 21:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-09-22 08:42 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-09-21 18:36 - 2014-02-08 13:34 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\vlc 2014-09-16 21:25 - 2014-08-30 01:06 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\FileZilla 2014-09-16 02:03 - 2014-06-14 19:30 - 00001112 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-09-16 02:03 - 2014-06-14 19:30 - 00001100 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk 2014-09-14 23:19 - 2014-08-30 01:05 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client 2014-09-12 19:47 - 2014-02-07 07:35 - 00000000 ____D () C:\ProgramData\Package Cache 2014-09-12 19:46 - 2014-08-05 19:12 - 00001147 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-09-12 19:46 - 2014-02-07 07:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-09-12 19:46 - 2014-02-07 07:47 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-09-12 19:46 - 2014-02-07 07:42 - 00000000 ____D () C:\Program Files (x86)\Google 2014-09-12 19:39 - 2014-02-07 07:39 - 00000000 ____D () C:\ProgramData\AMD 2014-09-12 19:39 - 2014-02-07 07:39 - 00000000 ____D () C:\Program Files\AMD 2014-09-12 19:39 
- 2014-02-07 07:39 - 00000000 ____D () C:\Program Files (x86)\AMD 2014-09-12 19:39 - 2014-02-07 07:37 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies 2014-09-12 19:26 - 2014-05-17 00:21 - 00000000 ____D () C:\Program Files (x86)\PDFCreator 2014-09-12 19:26 - 2014-02-24 21:06 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\TeamViewer 2014-09-12 19:26 - 2014-02-07 07:22 - 00000000 ____D () C:\Windows\Panther 2014-09-10 22:56 - 2014-06-09 23:05 - 00000000 ____D () C:\s3 refund.me 2014-09-10 03:03 - 2014-04-03 03:00 - 00002155 _____ () C:\Windows\epplauncher.mif 2014-09-10 03:03 - 2014-02-23 12:40 - 00002127 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2014-09-10 03:03 - 2014-02-07 07:33 - 01601638 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-09-10 03:02 - 2014-02-23 12:40 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2014-09-10 03:02 - 2014-02-23 12:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2014-09-10 03:02 - 2014-02-07 02:14 - 00000000 ____D () C:\Windows\system32\MRT 2014-09-10 03:00 - 2014-04-30 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-09-10 03:00 - 2014-02-07 02:14 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe Some content of TEMP: ==================== C:\Users\Sebastian\AppData\Local\Temp\avgnt.exe C:\Users\Sebastian\AppData\Local\Temp\e45ear24.dll C:\Users\Sebastian\AppData\Local\Temp\hrprfl_10436.dll C:\Users\Sebastian\AppData\Local\Temp\hrprfl_12339.dll C:\Users\Sebastian\AppData\Local\Temp\hrprfl_1645.dll C:\Users\Sebastian\AppData\Local\Temp\hrprfl_2530.dll C:\Users\Sebastian\AppData\Local\Temp\hrprfl_26929.dll C:\Users\Sebastian\AppData\Local\Temp\hrprfl_28586.dll C:\Users\Sebastian\AppData\Local\Temp\hrprfl_3680.dll C:\Users\Sebastian\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that 
do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-28 01:49 ==================== End Of Log ============================ Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-10-2014 01
Ran by Sebastian at 2014-10-02 11:37:23
Running from C:\Users\Sebastian\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.33 - GIGABYTE)
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.33870 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.30.100.40812 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0812.1103.17905 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{1113B31C-097E-644C-7242-829DFC0CED38}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.0812.1103.17905 - Ihr Firmenname) Hidden
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.10.0.0 - AppEx Networks)
AMD Steady Video Plug-In (Version: 2.07.0000 - AMD) Hidden
AMD USB 3.0 Device Detector (Version: 2.1.29.0 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Automatic Email Manager 5.15 (HKLM\...\{60C042B5-EB83-44A1-A522-3D1BDC901E80}) (Version: 5.15 - Namtuk)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0812.1103.17905 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0812.1103.17905 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0812.1103.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0812.1103.17905 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CloudBerry Explorer for Amazon S3 3.8.7 (HKLM\...\CloudBerry Explorer for Amazon S3) (Version: 3.8.7 - CloudBerryLab)
CodeTwo QR Code Desktop Reader (HKLM-x32\...\{8E03824D-0FCC-4AAE-BBE3-3B544BE3876F}) (Version: 1.0.0 - CodeTwo)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Easy Tune 6 B13.1111.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B13.1111.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Elevated Installer (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Garmin Express (HKLM-x32\...\{b43ffffb-1adc-4bcb-b277-7844ebff94da}) (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Cloud Print-Drucker (HKLM-x32\...\{74AA24E0-AC50-4B28-BA46-9CF05467C9B7}) (Version: 28.0.1489.0 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HearthstoneTracker (HKLM-x32\...\HearthstoneTracker) (Version: 1.2.9.2071 - HearthstoneTracker.com)
HP LaserJet 400 M401 (HKLM-x32\...\{8989F6D9-550C-4178-A8CB-75B82A06621F}) (Version: 5.0.13198.1083 - Hewlett-Packard)
HP LaserJet 400 M401 HP Device Toolbox (x32 Version: 29.0.109.0 - Hewlett-Packard Co.) Hidden
HP Product FWUpdater (x32 Version: 4.0.0.7242 - Hewlett-Packard Company) Hidden
HP Unified IO (Version: 2.0.0.404 - HP) Hidden
HP Unified IO (x32 Version: 2.0.0.404 - HP) Hidden
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM401DSService (x32 Version: 001.001.05874 - Hewlett-Packard) Hidden
HPDXP (x32 Version: 3.0.26.1 - HP) Hidden
HPLaserJet400-M401_HelpLearnCenter_SI (HKLM-x32\...\{4989DD05-86FB-4CA2-96C5-923DFAD89DA3}) (Version: 1.01.0000 - Hewlett-Packard)
HPLJDXPHelper (x32 Version: 020.021.004 - HP) Hidden
HPLJUTCore (x32 Version: 004.005.0001 - HP) Hidden
HPLJUTM401 (x32 Version: 3.00.0003 - HP) Hidden
hppLaserJetService (x32 Version: 009.027.00856 - Hewlett-Packard) Hidden
hppM401LaserJetService (x32 Version: 001.019.00639 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 050.037.00142 - Hewlett Packard) Hidden
hpStatusAlertsM401 (x32 Version: 050.034.00131 - Hewlett-Packard) Hidden
HWiNFO64 Version 4.32 (HKLM\...\HWiNFO64_is1) (Version: 4.32 - Martin Malík - REALiX)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1335.3) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0366 - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 10.4.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.0 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LJDXPHelperUI (x32 Version: 020.021.004 - HP) Hidden
Macro Recorder 5.7.4 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.7.4 - Jitbit Software)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4649.1003 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.145.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.3.145.0 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 Create Module (HKLM-x32\...\{797A6AD2-06D5-484B-81FE-25895A56B1F2}) (Version: 2.0.6.16537 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{46889070-D447-4936-A5D3-246DB972FA2E}) (Version: 2.0.6.16537 - pdfforge GmbH)
PDF24 Creator 6.5.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7037 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Screen Split (HKLM-x32\...\{7F0C2357-33B0-4408-A9AD-A7623FAA22B1}) (Version: 6.23 - LG Electronics Inc.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
tools-windows (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Trojan Remover 6.9.1.2931 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.1.2931 - Simply Super Software)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.221 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.1 - VMware, Inc)
VMware Player (Version: 6.0.1 - VMware, Inc.) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3995683688-22251476-601076843-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3995683688-22251476-601076843-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3995683688-22251476-601076843-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3995683688-22251476-601076843-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3995683688-22251476-601076843-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 25-09-2014 00:48:07 Windows Update 29-09-2014 23:17:52 Windows Update 30-09-2014 23:23:26 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to 
reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0305B390-003B-4DAC-8DC9-F62EC812A8DE} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation) Task: {386CFDDB-2326-47CD-A4FE-C46554050D10} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-12-18] (TuneUp Software) Task: {3FEFA80E-4019-4642-A935-E559D362C63E} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard) Task: {50AD10A4-D6AC-4F3B-A8BF-C66E22F660EB} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-09-04] (Microsoft Corporation) Task: {6DBD98FF-1347-4642-9925-C1AFE117B805} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd) Task: {6FDA6E34-03C5-4AED-BDAB-6001669799CA} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated) Task: {751607E3-9066-486E-99D7-0F9720E73FE8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-12] (Microsoft Corporation) Task: {7B8873EB-A73C-4B23-A7B5-234DEA64649A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-09-04] (Microsoft Corporation) Task: {7D1E9BC1-CCE9-450C-AC38-1912D1754AE6} - System32\Tasks\Adobe Flash Player Updater => 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated) Task: {8316B68D-B23B-452B-9FBF-3BBA09C2CF13} - System32\Tasks\{6127E29C-7967-4AC2-B92E-17C42D62C9EA} => C:\Program Files (x86)\GIGABYTE\ET6\ET6SC.exe [2012-07-09] () Task: {9BD48AB0-69C4-4F3A-853A-B21596B82F40} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-07] (Google Inc.) Task: {AF3356D5-119A-46B0-A6D8-01C967DF13F8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-07] (Google Inc.) Task: {EB2A5FFC-20D3-4FB3-8B49-48DBF9F69218} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2012-06-15] (Hewlett Packard) Task: {F8D5E86C-E5F1-43F8-A269-43E99281420F} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-08-07] () Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-02-08 14:32 - 2013-06-12 16:54 - 00066048 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64.dll 2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2014-08-06 17:10 - 2012-10-12 12:02 - 00440320 ____N () C:\Program Files (x86)\Namtuk\Automatic Email Manager\SharpCompress.dll 2014-08-12 11:06 - 2014-08-12 11:06 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll 
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll 2014-08-12 11:05 - 2014-08-12 11:05 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2014-06-13 19:59 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2013-12-18 11:01 - 2013-12-18 11:01 - 00742200 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll 2012-01-13 15:04 - 2012-01-13 15:04 - 00219760 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe 2014-02-08 14:32 - 2013-06-26 11:56 - 00241664 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\DDCCI.exe 2014-08-12 11:06 - 2014-08-12 11:06 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll 2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll 2013-10-18 13:46 - 2013-10-18 13:46 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll 2014-02-08 14:32 - 2013-06-12 16:54 - 00063488 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook.dll 2013-11-11 19:56 - 2013-11-11 19:56 - 02887747 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Normal.dll 2013-11-05 12:07 - 2013-11-05 12:07 - 00651327 _____ () C:\Program Files (x86)\GIGABYTE\ET6\work.dll 2013-09-13 16:26 - 2013-09-13 16:26 - 01331266 _____ () C:\Program Files (x86)\GIGABYTE\ET6\SF.dll 2008-05-07 16:22 - 2008-05-07 16:22 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\CIAMIB.dll 2012-05-08 16:01 - 2012-05-08 16:01 - 00069632 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GPTT.dll 2012-11-27 16:03 - 2012-11-27 16:03 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\ycc.dll 2010-06-24 16:50 - 2010-06-24 16:50 - 00094208 _____ () C:\Program Files 
(x86)\GIGABYTE\ET6\IccLibDll.dll 2011-03-01 20:00 - 2011-03-01 20:00 - 00126976 _____ () C:\Program Files (x86)\GIGABYTE\ET6\StabilityLib.dll 2011-10-18 10:26 - 2011-10-18 10:26 - 00024576 _____ () C:\Program Files (x86)\GIGABYTE\ET6\STT.dll 2013-11-05 14:12 - 2013-11-05 14:12 - 01499200 _____ () C:\Program Files (x86)\GIGABYTE\ET6\OCK.dll 2013-11-06 18:59 - 2013-11-06 18:59 - 01335358 _____ () C:\Program Files (x86)\GIGABYTE\ET6\HM.dll 2013-03-23 11:59 - 2013-03-23 11:59 - 01433674 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GVTunner.dll 2003-02-14 15:11 - 2003-02-14 15:11 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Sound.dll 2013-11-01 11:29 - 2013-11-01 11:29 - 01318984 _____ () C:\Program Files (x86)\GIGABYTE\ET6\AMD8.dll 2013-05-24 01:50 - 2013-05-24 01:50 - 03860520 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Platform.dll 2013-05-24 01:50 - 2013-05-24 01:50 - 00579616 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Device.dll 2013-09-12 12:50 - 2013-09-12 12:50 - 00311296 _____ () C:\Program Files (x86)\GIGABYTE\ET6\MFCCPU.DLL 2014-02-08 14:32 - 2013-04-24 18:47 - 00004608 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\GerRes.dll 2014-09-06 18:44 - 2014-09-06 18:44 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll 2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll 2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll 2014-08-05 19:12 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\Sebastian\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll 2014-09-25 19:16 - 2014-09-23 06:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll 2014-09-25 19:16 - 2014-09-23 06:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll 2014-09-25 19:16 - 2014-09-23 06:07 - 08577864 _____ () C:\Program Files 
(x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll 2014-09-25 19:17 - 2014-09-23 06:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll 2014-09-25 19:16 - 2014-09-23 06:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-3995683688-22251476-601076843-500 - Administrator - Disabled) Gast (S-1-5-21-3995683688-22251476-601076843-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-3995683688-22251476-601076843-1006 - Limited - Enabled) Sebastian (S-1-5-21-3995683688-22251476-601076843-1000 - Administrator - Enabled) => C:\Users\Sebastian ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Event log errors: ========================= Application errors: ================== Error: (10/02/2014 11:32:32 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/02/2014 00:28:03 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/01/2014 08:56:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/01/2014 04:55:11 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/30/2014 07:22:23 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/29/2014 01:39:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: GUI.exe, Version: 1.0.0.1, Zeitstempel: 0x4f0fc8d2 Name des fehlerhaften Moduls: Normal.dll, Version: 1.0.0.1, Zeitstempel: 0x5280b7f4 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0009ca66 ID des fehlerhaften Prozesses: 0x117c Startzeit der fehlerhaften Anwendung: 0xGUI.exe0 Pfad der fehlerhaften Anwendung: GUI.exe1 Pfad des fehlerhaften Moduls: GUI.exe2 Berichtskennung: GUI.exe3 Error: (09/29/2014 01:08:03 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE 
TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/28/2014 02:07:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/28/2014 10:55:07 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: GUI.exe, Version: 1.0.0.1, Zeitstempel: 0x4f0fc8d2 Name des fehlerhaften Moduls: Normal.dll, Version: 1.0.0.1, Zeitstempel: 0x5280b7f4 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0009ca66 ID des fehlerhaften Prozesses: 0x111c Startzeit der fehlerhaften Anwendung: 0xGUI.exe0 Pfad der fehlerhaften Anwendung: GUI.exe1 Pfad des fehlerhaften Moduls: GUI.exe2 Berichtskennung: GUI.exe3 Error: (09/27/2014 10:17:44 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (10/02/2014 11:31:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (10/02/2014 11:31:06 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht. Error: (10/02/2014 00:26:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (10/02/2014 00:26:36 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht. 
Error: (10/02/2014 00:25:14 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (10/01/2014 08:55:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (10/01/2014 08:55:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht. Error: (10/01/2014 04:53:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (10/01/2014 04:53:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht. Error: (09/30/2014 07:20:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Microsoft Office Sessions: ========================= Error: (10/02/2014 11:32:32 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/02/2014 00:28:03 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/01/2014 08:56:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/01/2014 04:55:11 PM) (Source: WinMgmt) (EventID: 10) 
(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/30/2014 07:22:23 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/29/2014 01:39:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: GUI.exe1.0.0.14f0fc8d2Normal.dll1.0.0.15280b7f4c00000050009ca66117c01cfdb70db4da4c7C:\Program Files (x86)\GIGABYTE\ET6\GUI.exeC:\Program Files (x86)\GIGABYTE\ET6\Normal.dll4c8b5502-47cd-11e4-9ab0-0c8bfd4e765d Error: (09/29/2014 01:08:03 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/28/2014 02:07:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/28/2014 10:55:07 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: GUI.exe1.0.0.14f0fc8d2Normal.dll1.0.0.15280b7f4c00000050009ca66111c01cfda8fe613d8ccC:\Program Files (x86)\GIGABYTE\ET6\GUI.exeC:\Program Files (x86)\GIGABYTE\ET6\Normal.dll24b1ad32-46ed-11e4-af24-0c8bfd4e765d Error: (09/27/2014 10:17:44 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2014-09-22 18:48:49.903 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht 
überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-22 18:48:49.862 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-22 18:48:49.819 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-22 18:48:49.777 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-22 18:48:49.047 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-22 18:48:49.005 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-22 18:48:48.962 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-22 18:48:48.920 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-22 18:48:48.246 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-22 18:48:48.204 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Processor: AMD A10-6800K APU with Radeon(tm) HD Graphics Percentage of memory in use: 32% Total physical RAM: 7367.6 MB Available physical RAM: 4989.88 MB Total Pagefile: 14733.38 MB Available Pagefile: 11724.64 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (SSD 120 GB) (Fixed) (Total:111.69 GB) (Free:32.57 GB) NTFS Drive e: (WD Red 4 TB) (Fixed) (Total:3725.9 GB) (Free:2367.78 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: FA67A521) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 3726 GB) (Disk ID: 8A9D30C7) Partition: GPT Partition Type. ==================== End Of Log ============================
Edited by krampf (02.10.2014 at 11:16) |
02.10.2014, 11:57 | #2 |
/// the machine /// TB Trainer | Unknown Upload hi,
Please download TDSSKiller.exe and save this file to your desktop.
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
02.10.2014, 12:26 | #3 |
| Unknown Upload Hello schrauber,
thank you for your help. Code:
ATTFilter 12:58:51.0415 0x1574 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58 12:58:55.0213 0x1574 ============================================================ 12:58:55.0213 0x1574 Current date / time: 2014/10/02 12:58:55.0213 12:58:55.0213 0x1574 SystemInfo: 12:58:55.0213 0x1574 12:58:55.0213 0x1574 OS Version: 6.1.7601 ServicePack: 1.0 12:58:55.0213 0x1574 Product type: Workstation 12:58:55.0213 0x1574 ComputerName: SEBASTIAN-PC 12:58:55.0213 0x1574 UserName: Sebastian 12:58:55.0213 0x1574 Windows directory: C:\Windows 12:58:55.0213 0x1574 System windows directory: C:\Windows 12:58:55.0213 0x1574 Running under WOW64 12:58:55.0213 0x1574 Processor architecture: Intel x64 12:58:55.0213 0x1574 Number of processors: 4 12:58:55.0213 0x1574 Page size: 0x1000 12:58:55.0213 0x1574 Boot type: Normal boot 12:58:55.0213 0x1574 ============================================================ 12:58:55.0266 0x1574 KLMD registered as C:\Windows\system32\drivers\09891588.sys 12:58:55.0966 0x1574 System UUID: {FE78A10A-DE45-D547-1B13-58B4FF0E4953} 12:58:56.0815 0x1574 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 12:59:05.0257 0x1574 Drive \Device\Harddisk1\DR1 - Size: 0x3A3817D6000 ( 3726.02 Gb ), SectorSize: 0x200, Cylinders: 0x76C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 12:59:05.0263 0x1574 ============================================================ 12:59:05.0263 0x1574 \Device\Harddisk0\DR0: 12:59:05.0263 0x1574 MBR partitions: 12:59:05.0263 0x1574 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 12:59:05.0263 0x1574 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800 12:59:05.0263 0x1574 \Device\Harddisk1\DR1: 12:59:05.0263 0x1574 GPT partitions: 12:59:05.0264 0x1574 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: 
{E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E01FF506-7EB2-4E25-AA8E-B07FB398FC36}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000 12:59:05.0264 0x1574 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EAF328F9-814C-40C6-ABC3-6005FCE88F15}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0xD1BCB000 12:59:05.0264 0x1574 MBR partitions: 12:59:05.0264 0x1574 ============================================================ 12:59:05.0264 0x1574 C: <-> \Device\Harddisk0\DR0\Partition2 12:59:05.0291 0x1574 E: <-> \Device\Harddisk1\DR1\Partition2 12:59:05.0291 0x1574 ============================================================ 12:59:05.0291 0x1574 Initialize success 12:59:05.0291 0x1574 ============================================================ 12:59:28.0088 0x19c0 ============================================================ 12:59:28.0088 0x19c0 Scan started 12:59:28.0089 0x19c0 Mode: Manual; SigCheck; TDLFS; 12:59:28.0089 0x19c0 ============================================================ 12:59:28.0089 0x19c0 KSN ping started 12:59:30.0761 0x19c0 KSN ping finished: true 12:59:30.0979 0x19c0 ================ Scan system memory ======================== 12:59:30.0979 0x19c0 System memory - ok 12:59:30.0980 0x19c0 ================ Scan services ============================= 12:59:31.0013 0x19c0 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 12:59:31.0075 0x19c0 1394ohci - ok 12:59:31.0091 0x19c0 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 12:59:31.0106 0x19c0 ACPI - ok 12:59:31.0110 0x19c0 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 12:59:31.0121 0x19c0 AcpiPmi - ok 12:59:31.0126 
E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 12:59:50.0619 0x19c0 MMCSS - ok 12:59:50.0622 0x19c0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 12:59:50.0647 0x19c0 Modem - ok 12:59:50.0650 0x19c0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 12:59:50.0662 0x19c0 monitor - ok 12:59:50.0666 0x19c0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 12:59:50.0675 0x19c0 mouclass - ok 12:59:50.0678 0x19c0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 12:59:50.0688 0x19c0 mouhid - ok 12:59:50.0693 0x19c0 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 12:59:50.0702 0x19c0 mountmgr - ok 12:59:50.0710 0x19c0 [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 12:59:50.0725 0x19c0 MpFilter - ok 12:59:50.0731 0x19c0 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 12:59:50.0741 0x19c0 mpio - ok 12:59:50.0746 0x19c0 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 12:59:50.0771 0x19c0 mpsdrv - ok 12:59:50.0789 0x19c0 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 12:59:50.0829 0x19c0 MpsSvc - ok 
12:59:50.0836 0x19c0 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 12:59:50.0848 0x19c0 MRxDAV - ok 12:59:50.0855 0x19c0 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 12:59:50.0869 0x19c0 mrxsmb - ok 12:59:50.0879 0x19c0 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 12:59:50.0893 0x19c0 mrxsmb10 - ok 12:59:50.0899 0x19c0 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 12:59:50.0911 0x19c0 mrxsmb20 - ok 12:59:50.0914 0x19c0 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 12:59:50.0923 0x19c0 msahci - ok 12:59:50.0928 0x19c0 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 12:59:50.0939 0x19c0 msdsm - ok 12:59:50.0944 0x19c0 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 12:59:50.0957 0x19c0 MSDTC - ok 12:59:50.0964 0x19c0 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 12:59:50.0989 0x19c0 Msfs - ok 12:59:50.0992 0x19c0 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 12:59:51.0016 0x19c0 mshidkmdf - ok 12:59:51.0019 0x19c0 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv 
C:\Windows\system32\drivers\msisadrv.sys 12:59:51.0027 0x19c0 msisadrv - ok 12:59:51.0033 0x19c0 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 12:59:51.0061 0x19c0 MSiSCSI - ok 12:59:51.0064 0x19c0 msiserver - ok 12:59:51.0067 0x19c0 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 12:59:51.0091 0x19c0 MSKSSRV - ok 12:59:51.0095 0x19c0 [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe 12:59:51.0105 0x19c0 MsMpSvc - ok 12:59:51.0108 0x19c0 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 12:59:51.0132 0x19c0 MSPCLOCK - ok 12:59:51.0135 0x19c0 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 12:59:51.0159 0x19c0 MSPQM - ok 12:59:51.0168 0x19c0 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 12:59:51.0182 0x19c0 MsRPC - ok 12:59:51.0187 0x19c0 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 12:59:51.0196 0x19c0 mssmbios - ok 12:59:51.0199 0x19c0 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 12:59:51.0223 0x19c0 MSTEE - ok 12:59:51.0226 0x19c0 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 12:59:51.0236 0x19c0 MTConfig - ok 12:59:51.0240 0x19c0 [ 
F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 12:59:51.0249 0x19c0 Mup - ok 12:59:51.0260 0x19c0 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 12:59:51.0293 0x19c0 napagent - ok 12:59:51.0302 0x19c0 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 12:59:51.0321 0x19c0 NativeWifiP - ok 12:59:51.0342 0x19c0 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 12:59:51.0367 0x19c0 NDIS - ok 12:59:51.0372 0x19c0 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 12:59:51.0396 0x19c0 NdisCap - ok 12:59:51.0399 0x19c0 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 12:59:51.0423 0x19c0 NdisTapi - ok 12:59:51.0427 0x19c0 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 12:59:51.0450 0x19c0 Ndisuio - ok 12:59:51.0456 0x19c0 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 12:59:51.0481 0x19c0 NdisWan - ok 12:59:51.0485 0x19c0 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 12:59:51.0509 0x19c0 NDProxy - ok 12:59:51.0513 0x19c0 [ 2C723E42FC8D7B0209492828F921FB50, 2ECF9F4D91F317432FB5A6D01D8271BB7E2A5B8A6CA9EF2F2036890D2B072E52 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 
12:59:51.0518 0x19c0 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 12:59:54.0201 0x19c0 Detect skipped due to KSN trusted 12:59:54.0201 0x19c0 Net Driver HPZ12 - ok 12:59:54.0204 0x19c0 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 12:59:54.0228 0x19c0 NetBIOS - ok 12:59:54.0235 0x19c0 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 12:59:54.0263 0x19c0 NetBT - ok 12:59:54.0267 0x19c0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe 12:59:54.0277 0x19c0 Netlogon - ok 12:59:54.0286 0x19c0 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 12:59:54.0318 0x19c0 Netman - ok 12:59:54.0327 0x19c0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 12:59:54.0340 0x19c0 NetMsmqActivator - ok 12:59:54.0344 0x19c0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 12:59:54.0356 0x19c0 NetPipeActivator - ok 12:59:54.0368 0x19c0 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 12:59:54.0401 0x19c0 netprofm - ok 12:59:54.0407 0x19c0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 12:59:54.0418 0x19c0 NetTcpActivator - ok 12:59:54.0423 0x19c0 [ 21318671BCAD3ACF16638F98D4D00973, 
CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 12:59:54.0435 0x19c0 NetTcpPortSharing - ok 12:59:54.0505 0x19c0 [ C765243896D8D734FD667AE42B0FB40B, B2D00B0D82450C4EA191D241D538D839400214C587CCB3FE3EE99709093825E1 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwsw02.sys 12:59:54.0576 0x19c0 NETwNs64 - ok 12:59:54.0586 0x19c0 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 12:59:54.0594 0x19c0 nfrd960 - ok 12:59:54.0600 0x19c0 [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 12:59:54.0611 0x19c0 NisDrv - ok 12:59:54.0620 0x19c0 [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe 12:59:54.0636 0x19c0 NisSrv - ok 12:59:54.0645 0x19c0 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 12:59:54.0661 0x19c0 NlaSvc - ok 12:59:54.0665 0x19c0 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 12:59:54.0690 0x19c0 Npfs - ok 12:59:54.0693 0x19c0 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 12:59:54.0718 0x19c0 nsi - ok 12:59:54.0721 0x19c0 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 12:59:54.0745 0x19c0 nsiproxy - ok 12:59:54.0779 0x19c0 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 12:59:54.0817 
0x19c0 Ntfs - ok 12:59:54.0823 0x19c0 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 12:59:54.0846 0x19c0 Null - ok 12:59:54.0852 0x19c0 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 12:59:54.0863 0x19c0 nvraid - ok 12:59:54.0869 0x19c0 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 12:59:54.0880 0x19c0 nvstor - ok 12:59:54.0884 0x19c0 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 12:59:54.0895 0x19c0 nv_agp - ok 12:59:54.0899 0x19c0 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 12:59:54.0909 0x19c0 ohci1394 - ok 12:59:54.0915 0x19c0 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 12:59:54.0925 0x19c0 ose - ok 12:59:55.0017 0x19c0 [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 12:59:55.0116 0x19c0 osppsvc - ok 12:59:55.0133 0x19c0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 12:59:55.0149 0x19c0 p2pimsvc - ok 12:59:55.0160 0x19c0 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 12:59:55.0178 0x19c0 p2psvc - ok 12:59:55.0183 0x19c0 [ 0086431C29C35BE1DBC43F52CC273887, 
0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 12:59:55.0194 0x19c0 Parport - ok 12:59:55.0199 0x19c0 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 12:59:55.0208 0x19c0 partmgr - ok 12:59:55.0214 0x19c0 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 12:59:55.0231 0x19c0 PcaSvc - ok 12:59:55.0237 0x19c0 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 12:59:55.0248 0x19c0 pci - ok 12:59:55.0251 0x19c0 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 12:59:55.0260 0x19c0 pciide - ok 12:59:55.0266 0x19c0 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 12:59:55.0278 0x19c0 pcmcia - ok 12:59:55.0282 0x19c0 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 12:59:55.0291 0x19c0 pcw - ok 12:59:55.0327 0x19c0 [ D0AD1271494EB9E065E902D1013BC369, 0E4DB28B5C348DF44BADC64FB8BCDA563D0515A75F0F14FD076BC39AF19BD65F ] PDF Architect 2 C:\Program Files (x86)\PDF Architect 2\ws.exe 12:59:55.0365 0x19c0 PDF Architect 2 - ok 12:59:55.0384 0x19c0 [ 835E1A0AB522271FFA66E40875AB649A, EBAD6126E16593B1BEB6958772A04A8CF46B587D494E8DA2349636BF93E6900C ] PDF Architect 2 Creator C:\Program Files (x86)\PDF Architect 2\creator-ws.exe 12:59:55.0404 0x19c0 PDF Architect 2 Creator - ok 12:59:55.0424 0x19c0 [ 89436BB836F6737F19EB2B78250E414E, 9140F42CACDDC0979B90553D43A1FA1296DD829E6235D272F9DF3670613445CF ] pdfforge CrashHandler C:\Program Files (x86)\PDF 
Architect 2\crash-handler-ws.exe 12:59:55.0446 0x19c0 pdfforge CrashHandler - ok 12:59:55.0460 0x19c0 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 12:59:55.0497 0x19c0 PEAUTH - ok 12:59:55.0527 0x19c0 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 12:59:55.0564 0x19c0 PeerDistSvc - ok 12:59:55.0582 0x19c0 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 12:59:55.0592 0x19c0 PerfHost - ok 12:59:55.0623 0x19c0 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 12:59:55.0677 0x19c0 pla - ok 12:59:55.0691 0x19c0 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 12:59:55.0710 0x19c0 PlugPlay - ok 12:59:55.0714 0x19c0 [ 171E6D91A20AAC8D02172A64E82CE90B, 0D51F00D6C0376CD12893620E0A15E687263048CFE20E953F6BB4B7D6CDC3F50 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 12:59:55.0720 0x19c0 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 12:59:58.0380 0x19c0 Detect skipped due to KSN trusted 12:59:58.0381 0x19c0 Pml Driver HPZ12 - ok 12:59:58.0384 0x19c0 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 12:59:58.0395 0x19c0 PNRPAutoReg - ok 12:59:58.0404 0x19c0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 12:59:58.0420 0x19c0 PNRPsvc - ok 12:59:58.0425 0x19c0 [ 8E0ACA1C5D6516E5E2E7A7AA5D44D704, 9CCE2FCBEDD21E1EA4A0476B4886DC6C6493CCBAB27AF23E83B0B0B646D8C520 ] Point64 
C:\Windows\system32\DRIVERS\point64.sys 12:59:58.0434 0x19c0 Point64 - ok 12:59:58.0446 0x19c0 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 12:59:58.0479 0x19c0 PolicyAgent - ok 12:59:58.0488 0x19c0 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 12:59:58.0516 0x19c0 Power - ok 12:59:58.0521 0x19c0 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 12:59:58.0546 0x19c0 PptpMiniport - ok 12:59:58.0550 0x19c0 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 12:59:58.0560 0x19c0 Processor - ok 12:59:58.0567 0x19c0 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll 12:59:58.0582 0x19c0 ProfSvc - ok 12:59:58.0586 0x19c0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe 12:59:58.0596 0x19c0 ProtectedStorage - ok 12:59:58.0601 0x19c0 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 12:59:58.0627 0x19c0 Psched - ok 12:59:58.0656 0x19c0 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 12:59:58.0692 0x19c0 ql2300 - ok 12:59:58.0700 0x19c0 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 12:59:58.0711 0x19c0 ql40xx - ok 12:59:58.0720 0x19c0 [ 906191634E99AEA92C4816150BDA3732, 
A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 12:59:58.0738 0x19c0 QWAVE - ok 12:59:58.0742 0x19c0 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 12:59:58.0756 0x19c0 QWAVEdrv - ok 12:59:58.0759 0x19c0 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 12:59:58.0783 0x19c0 RasAcd - ok 12:59:58.0789 0x19c0 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 12:59:58.0813 0x19c0 RasAgileVpn - ok 12:59:58.0819 0x19c0 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 12:59:58.0846 0x19c0 RasAuto - ok 12:59:58.0851 0x19c0 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 12:59:58.0878 0x19c0 Rasl2tp - ok 12:59:58.0893 0x19c0 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 12:59:58.0924 0x19c0 RasMan - ok 12:59:58.0929 0x19c0 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 12:59:58.0957 0x19c0 RasPppoe - ok 12:59:58.0962 0x19c0 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 12:59:58.0988 0x19c0 RasSstp - ok 12:59:58.0996 0x19c0 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 12:59:59.0025 0x19c0 rdbss - ok 12:59:59.0029 0x19c0 [ 
302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 12:59:59.0040 0x19c0 rdpbus - ok 12:59:59.0044 0x19c0 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 12:59:59.0068 0x19c0 RDPCDD - ok 12:59:59.0076 0x19c0 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 12:59:59.0088 0x19c0 RDPDR - ok 12:59:59.0092 0x19c0 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 12:59:59.0116 0x19c0 RDPENCDD - ok 12:59:59.0121 0x19c0 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 12:59:59.0145 0x19c0 RDPREFMP - ok 12:59:59.0153 0x19c0 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 12:59:59.0166 0x19c0 RDPWD - ok 12:59:59.0173 0x19c0 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 12:59:59.0186 0x19c0 rdyboost - ok 12:59:59.0192 0x19c0 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 12:59:59.0218 0x19c0 RemoteAccess - ok 12:59:59.0225 0x19c0 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 12:59:59.0253 0x19c0 RemoteRegistry - ok 12:59:59.0260 0x19c0 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 
12:59:59.0274 0x19c0 RFCOMM - ok 12:59:59.0279 0x19c0 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 12:59:59.0305 0x19c0 RpcEptMapper - ok 12:59:59.0309 0x19c0 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 12:59:59.0319 0x19c0 RpcLocator - ok 12:59:59.0333 0x19c0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 12:59:59.0367 0x19c0 RpcSs - ok 12:59:59.0372 0x19c0 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 12:59:59.0397 0x19c0 rspndr - ok 12:59:59.0413 0x19c0 [ 7F4F11527AF5A7E4526CB6A146B3E40C, 705177014374AB2F12AF4558344C35C206C2820BD1A16770173EA10D094D182B ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 12:59:59.0432 0x19c0 RTL8167 - ok 12:59:59.0437 0x19c0 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys 12:59:59.0446 0x19c0 s3cap - ok 12:59:59.0450 0x19c0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe 12:59:59.0460 0x19c0 SamSs - ok 12:59:59.0465 0x19c0 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 12:59:59.0475 0x19c0 sbp2port - ok 12:59:59.0483 0x19c0 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 12:59:59.0511 0x19c0 SCardSvr - ok 12:59:59.0515 0x19c0 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter 
13:00:04.0664 0x19c0 [ 4420BBAC770EB87AB74E4B9146E18924, 6DB78DB9FD72F1E8C7651D2B3FF090CB4A8C90BA0D11F69D533960CE67170CFC ] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe 13:00:04.0676 0x19c0 BLEServicesCtrl - ok 13:00:04.0678 0x19c0 BTMTrayAgent - ok 13:00:04.0703 0x19c0 [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] C:\Program Files\Microsoft Security Client\msseces.exe 13:00:04.0737 0x19c0 MSC - ok 13:00:04.0743 0x19c0 [ 053C93D5967E08748DBA0E132EAEC0B3, B48A00B00DFDFCF6911911B34788CD359BF90AB66F4A2A3FE177B75EB775C2C2 ] C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe 13:00:04.0749 0x19c0 NUSB3MON - detected UnsignedFile.Multi.Generic ( 1 ) 13:00:07.0413 0x19c0 Detect skipped due to KSN trusted 13:00:07.0413 0x19c0 NUSB3MON - ok 13:00:07.0431 0x19c0 [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 13:00:07.0450 0x19c0 avgnt - ok 13:00:07.0460 0x19c0 [ 9C99AF6C0C4892A83066FFA04265F95C, 18E94B8322960C56A7D0BEDF77D026F0318904ECC230B6121E97E6993B999B4F ] C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe 13:00:07.0472 0x19c0 StatusAlerts - ok 13:00:07.0484 0x19c0 [ 1606A7B4DA56B3BA369FC612F45A3362, A50B1FADEA3DB60E8D5F18390FD34D8F95D3F0C2C4F78F3791177FCD9CFB21F0 ] C:\Program Files (x86)\FreePDF_XP\fpassist.exe 13:00:07.0495 0x19c0 FreePDF Assistant - detected UnsignedFile.Multi.Generic ( 1 ) 13:00:10.0749 0x19c0 Detect skipped due to KSN trusted 13:00:10.0749 0x19c0 FreePDF Assistant - ok 13:00:10.0756 0x19c0 [ 6EF8ECD06B52726A16CB8CE20338B5D9, 44CA0958E024F5A0AD4AF999AB24221F302D3BB37AC58D406E32C87FC6192CF9 ] C:\Program Files (x86)\PDF24\pdf24.exe 13:00:10.0766 0x19c0 PDFPrint - ok 13:00:10.0771 0x19c0 [ 6A188ECFCA5A2A6F41CA145FC93F96A6, 48D70FAA4C4F6F1F6542E2C54085857CE6906A69C0412E8A08BF69010FDF07CF ] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe 
13:00:10.0775 0x19c0 EasyTuneVI - detected UnsignedFile.Multi.Generic ( 1 ) 13:00:13.0610 0x19c0 Detect skipped due to KSN trusted 13:00:13.0610 0x19c0 EasyTuneVI - ok 13:00:13.0632 0x19c0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 13:00:13.0684 0x19c0 Sidebar - ok 13:00:13.0690 0x19c0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 13:00:13.0706 0x19c0 mctadmin - ok 13:00:13.0730 0x19c0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 13:00:13.0761 0x19c0 Sidebar - ok 13:00:13.0767 0x19c0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 13:00:13.0781 0x19c0 mctadmin - ok 13:00:13.0796 0x19c0 [ 93E5D5B31267DB04C61A15D846BB3787, A73D7DA17C8B58E43E2C81B301D0BBD7973CA2EA85BCF513B8947628E05CA4D4 ] C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe 13:00:13.0813 0x19c0 ScreenSplitter - detected UnsignedFile.Multi.Generic ( 1 ) 13:00:16.0549 0x19c0 ScreenSplitter ( UnsignedFile.Multi.Generic ) - warning 13:00:16.0549 0x19c0 Force sending object to P2P due to detect: C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe 13:00:19.0566 0x19c0 Object send P2P result: true 13:00:22.0471 0x19c0 [ D5D021AEFA851CD0E8948EA4974EF88C, 596C02AFAB31F44A52E8F3BEEC869557C5DB3CDFB2A559721F25614EFE768D53 ] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe 13:00:22.0489 0x19c0 GarminExpressTrayApp - ok 13:00:22.0501 0x19c0 [ 549A6319EAF040D8B8ECFF8ADF9F36D0, CE020A2C761C7D71BAE183AAF3A251909A06C31E518872A9682A8994F4D475B2 ] C:\Program Files\AMD Quick Stream\AMDQuickStream.exe 13:00:22.0516 0x19c0 AppEx Accelerator UI - ok 13:00:22.0550 0x19c0 [ 
B91D5F7C0119DC4EE67684F52631D3E4, 4BFD7A433AB65F77426D21A8F3B38AE0BAF5DDDD952FF2EF3E0E64E8F5D0B30D ] C:\Program Files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe 13:00:22.0586 0x19c0 AEM - ok 13:00:22.0604 0x19c0 [ 5AB8DB8F9CADBFBB3C132E8316FE337E, 18111E333A0EDCBD5A645164DB571E35E2319A250CBFA75616049786E27A9D1A ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 13:00:22.0626 0x19c0 GoogleChromeAutoLaunch_678E52C622D3FEC81C940F43ECEEEB26 - ok 13:00:22.0639 0x19c0 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe 13:00:22.0669 0x19c0 Uninstall C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64 - ok 13:00:22.0670 0x19c0 Waiting for KSN requests completion. In queue: 5 13:00:23.0670 0x19c0 Waiting for KSN requests completion. In queue: 5 13:00:24.0670 0x19c0 Waiting for KSN requests completion. In queue: 5 13:00:25.0708 0x19c0 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x40000 ( disabled : updated ) 13:00:25.0709 0x19c0 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated ) 13:00:25.0712 0x19c0 Win FW state via NFP2: enabled 13:00:28.0403 0x19c0 ============================================================ 13:00:28.0403 0x19c0 Scan finished 13:00:28.0403 0x19c0 ============================================================ 13:00:28.0411 0x0880 Detected object count: 1 13:00:28.0411 0x0880 Actual detected object count: 1 13:00:38.0996 0x0880 ScreenSplitter ( UnsignedFile.Multi.Generic ) - skipped by user 13:00:38.0996 0x0880 ScreenSplitter ( UnsignedFile.Multi.Generic ) - User select action: Skip 13:00:41.0754 0x0c34 Deinitialize success Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.07.0.1012 www.malwarebytes.org Database version: v2014.10.02.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.17280 Sebastian :: SEBASTIAN-PC [limited] 02.10.2014 13:03:21 mbar-log-2014-10-02 (13-03-21).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 315536 Time elapsed: 7 minute(s), 36 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) |
03.10.2014, 10:45 | #4 |
/// the machine /// TB Trainer | Unknown Upload Hi, scan with Combofix
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |
06.10.2014, 17:06 | #5 |
| Unknown Upload Hi, I had disabled everything I was supposed to disable, but it still complained about Microsoft Security Essentials. Thanks, krampf Code:
ATTFilter ComboFix 14-10-04.01 - Sebastian 06.10.2014 17:58:48.1.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.7368.5307 [GMT 2:00] ausgeführt von:: c:\users\Sebastian\Downloads\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859} AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1} SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4} SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk c:\users\SEBAST~1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll c:\users\Sebastian\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll . . ((((((((((((((((((((((( Dateien erstellt von 2014-09-06 bis 2014-10-06 )))))))))))))))))))))))))))))) . . 2014-10-06 16:02 . 2014-10-06 16:02 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-10-05 20:33 . 2014-09-09 02:05 11578928 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8D3B3207-140C-4C98-ACAC-10F816CA3735}\mpengine.dll 2014-10-03 09:41 . 2014-09-09 02:05 11578928 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2014-09-22 13:03 . 2014-09-22 13:03 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware 2014-09-22 13:03 . 2014-09-22 13:03 -------- d-----w- c:\programdata\Malwarebytes 2014-09-22 13:03 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys 2014-09-22 13:03 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys 2014-09-12 17:40 . 2014-09-12 17:40 -------- d-----w- c:\programdata\ATI 2014-09-12 17:39 . 
2014-09-12 17:39 -------- d-----w- c:\program files\AMD Quick Stream 2014-09-12 17:39 . 2014-09-12 17:39 -------- d-----w- c:\program files (x86)\AMD AVT 2014-09-12 17:39 . 2014-09-12 17:39 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies 2014-09-12 17:38 . 2014-02-16 16:23 60640 ----a-w- c:\windows\system32\drivers\usbfilter.sys 2014-09-12 17:37 . 2014-09-12 17:38 -------- d-----w- c:\program files\ATI Technologies 2014-09-12 17:04 . 2014-09-12 17:04 -------- d-----w- c:\program files\CCleaner 2014-09-10 01:00 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll 2014-09-10 01:00 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll 2014-09-09 19:42 . 2014-08-01 11:53 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll 2014-09-09 19:42 . 2014-08-01 11:35 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll 2014-09-09 19:41 . 2014-06-24 03:29 2565120 ----a-w- c:\windows\system32\d3d10warp.dll 2014-09-09 19:41 . 2014-06-24 02:59 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll 2014-09-09 19:40 . 2014-07-07 02:06 728064 ----a-w- c:\windows\system32\kerberos.dll 2014-09-09 19:40 . 2014-07-07 02:06 1460736 ----a-w- c:\windows\system32\lsasrv.dll 2014-09-09 19:40 . 2014-07-07 01:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2014-09-09 19:40 . 2014-07-07 01:40 550912 ----a-w- c:\windows\SysWow64\kerberos.dll 2014-09-09 19:40 . 2014-07-07 01:39 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2014-09-09 19:40 . 2014-09-05 02:10 578048 ----a-w- c:\windows\system32\aepdu.dll 2014-09-09 19:40 . 2014-09-05 02:05 424448 ----a-w- c:\windows\system32\aeinv.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-10-06 16:03 . 2014-02-07 00:23 25640 ----a-w- c:\windows\gdrv.sys 2014-10-06 16:02 . 2014-07-20 14:22 65536 ----a-w- c:\windows\system32\spu_storage.bin 2014-10-06 15:26 . 
2014-02-12 19:34 30528 ----a-w- c:\windows\GVTDrv64.sys 2014-10-06 15:26 . 2014-02-12 19:34 25640 ----a-w- c:\windows\etdrv.sys 2014-09-25 17:04 . 2014-06-13 18:04 590536 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe 2014-09-24 14:42 . 2014-04-29 15:58 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-09-24 14:42 . 2014-04-29 15:58 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-09-22 06:42 . 2010-11-21 03:27 278152 ------w- c:\windows\system32\MpSigStub.exe 2014-09-17 20:44 . 2014-02-27 19:21 1188440 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2014-09-10 01:00 . 2014-02-07 00:14 101694776 ----a-w- c:\windows\system32\MRT.exe 2014-08-23 02:07 . 2014-08-28 07:24 404480 ----a-w- c:\windows\system32\gdi32.dll 2014-08-23 01:45 . 2014-08-28 07:24 311808 ----a-w- c:\windows\SysWow64\gdi32.dll 2014-08-23 00:59 . 2014-08-28 07:24 3163648 ----a-w- c:\windows\system32\win32k.sys 2014-08-12 16:49 . 2014-08-12 16:49 127872 ----a-w- c:\windows\system32\amdhcp64.dll 2014-08-12 16:49 . 2014-08-12 16:49 117560 ----a-w- c:\windows\SysWow64\amdhcp32.dll 2014-08-12 16:49 . 2014-08-12 16:49 78432 ----a-w- c:\windows\system32\atimpc64.dll 2014-08-12 16:49 . 2014-08-12 16:49 78432 ----a-w- c:\windows\system32\amdpcom64.dll 2014-08-12 16:49 . 2014-08-12 16:49 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll 2014-08-12 16:49 . 2014-08-12 16:49 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll 2014-08-12 16:49 . 2014-08-12 16:49 143304 ----a-w- c:\windows\system32\atiuxp64.dll 2014-08-12 16:49 . 2013-12-06 22:03 126336 ----a-w- c:\windows\SysWow64\atiuxpag.dll 2014-08-12 16:48 . 2014-04-18 02:42 99520 ----a-w- c:\windows\SysWow64\atiu9pag.dll 2014-08-12 16:48 . 2014-02-07 16:31 117584 ----a-w- c:\windows\system32\atiu9p64.dll 2014-08-12 16:48 . 2014-02-07 16:31 1331424 ----a-w- c:\windows\system32\aticfx64.dll 2014-08-12 16:48 . 
2014-02-07 16:31 1110992 ----a-w- c:\windows\SysWow64\aticfx32.dll 2014-08-12 16:47 . 2014-08-12 16:47 10527312 ----a-w- c:\windows\system32\atidxx64.dll 2014-08-12 16:47 . 2013-12-06 21:59 9023464 ----a-w- c:\windows\SysWow64\atidxx32.dll 2014-08-12 16:47 . 2014-04-18 02:42 7102496 ----a-w- c:\windows\SysWow64\atiumdva.dll 2014-08-12 16:47 . 2014-04-18 02:42 6879016 ----a-w- c:\windows\SysWow64\atiumdag.dll 2014-08-12 16:47 . 2014-02-07 16:31 7892000 ----a-w- c:\windows\system32\atiumd6a.dll 2014-08-12 16:47 . 2014-02-07 16:31 8108312 ----a-w- c:\windows\system32\atiumd64.dll 2014-08-12 15:56 . 2014-08-12 15:56 276192 ----a-w- c:\windows\system32\drivers\amdacpksd.sys 2014-08-12 15:20 . 2014-08-12 15:20 15965184 ----a-w- c:\windows\system32\drivers\atikmdag.sys 2014-08-12 15:07 . 2014-08-12 15:07 231424 ----a-w- c:\windows\system32\clinfo.exe 2014-08-12 15:06 . 2014-08-12 15:06 98816 ----a-w- c:\windows\system32\OpenVideo64.dll 2014-08-12 15:06 . 2014-08-12 15:06 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll 2014-08-12 15:06 . 2014-08-12 15:06 86528 ----a-w- c:\windows\system32\OVDecode64.dll 2014-08-12 15:06 . 2014-08-12 15:06 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll 2014-08-12 15:06 . 2014-08-12 15:06 32876544 ----a-w- c:\windows\system32\amdocl64.dll 2014-08-12 15:03 . 2014-08-12 15:03 27843072 ----a-w- c:\windows\SysWow64\amdocl.dll 2014-08-12 15:00 . 2014-08-12 15:00 65024 ----a-w- c:\windows\system32\OpenCL.dll 2014-08-12 15:00 . 2014-08-12 15:00 58880 ----a-w- c:\windows\SysWow64\OpenCL.dll 2014-08-12 14:49 . 2014-08-12 14:49 127488 ----a-w- c:\windows\system32\mantle64.dll 2014-08-12 14:49 . 2014-08-12 14:49 113664 ----a-w- c:\windows\SysWow64\mantle32.dll 2014-08-12 14:48 . 2014-08-12 14:48 5225472 ----a-w- c:\windows\system32\amdmantle64.dll 2014-08-12 14:41 . 2014-08-12 14:41 27528704 ----a-w- c:\windows\system32\atio6axx.dll 2014-08-12 14:32 . 2014-08-12 14:32 4180992 ----a-w- c:\windows\SysWow64\amdmantle32.dll 2014-08-12 14:21 . 
2014-08-12 14:21 23027712 ----a-w- c:\windows\SysWow64\atioglxx.dll 2014-08-12 14:16 . 2014-08-12 14:16 91648 ----a-w- c:\windows\system32\mantleaxl64.dll 2014-08-12 14:16 . 2014-08-12 14:16 366592 ----a-w- c:\windows\system32\atiapfxx.exe 2014-08-12 14:16 . 2014-08-12 14:16 85504 ----a-w- c:\windows\SysWow64\mantleaxl32.dll 2014-08-12 14:16 . 2014-08-12 14:16 62464 ----a-w- c:\windows\system32\aticalrt64.dll 2014-08-12 14:16 . 2014-08-12 14:16 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll 2014-08-12 14:16 . 2014-08-12 14:16 55808 ----a-w- c:\windows\system32\aticalcl64.dll 2014-08-12 14:16 . 2014-08-12 14:16 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll 2014-08-12 14:16 . 2014-08-12 14:16 15716352 ----a-w- c:\windows\system32\aticaldd64.dll 2014-08-12 14:13 . 2014-08-12 14:13 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll 2014-08-12 14:00 . 2014-08-12 14:00 48128 ----a-w- c:\windows\system32\amdmmcl6.dll 2014-08-12 14:00 . 2014-08-12 14:00 442368 ----a-w- c:\windows\system32\atidemgy.dll 2014-08-12 14:00 . 2014-08-12 14:00 37888 ----a-w- c:\windows\SysWow64\amdmmcl.dll 2014-08-12 13:59 . 2014-08-12 13:59 31232 ----a-w- c:\windows\system32\atimuixx.dll 2014-08-12 13:59 . 2014-08-12 13:59 588800 ----a-w- c:\windows\system32\atieclxx.exe 2014-08-12 13:59 . 2014-08-12 13:59 239616 ----a-w- c:\windows\system32\atiesrxx.exe 2014-08-12 13:58 . 2014-08-12 13:58 190976 ----a-w- c:\windows\system32\atitmm64.dll 2014-08-12 13:43 . 2014-08-12 13:43 826368 ----a-w- c:\windows\system32\coinst_14.20.dll 2014-08-12 13:35 . 2014-08-12 13:35 95744 ----a-w- c:\windows\system32\amdave64.dll 2014-08-12 13:35 . 2014-08-12 13:35 90112 ----a-w- c:\windows\SysWow64\amdave32.dll 2014-08-12 13:34 . 2014-08-12 13:34 89088 ----a-w- c:\windows\system32\atisamu64.dll 2014-08-12 13:34 . 2014-08-12 13:34 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll 2014-08-12 13:34 . 2014-08-12 13:34 1207296 ----a-w- c:\windows\system32\atiadlxx.dll 2014-08-12 13:34 . 
2013-12-06 20:22 898560 ----a-w- c:\windows\SysWow64\atiadlxy.dll 2014-08-12 13:34 . 2014-08-12 13:34 75264 ----a-w- c:\windows\system32\atig6pxx.dll 2014-08-12 13:34 . 2014-08-12 13:34 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll 2014-08-12 13:34 . 2014-08-12 13:34 69632 ----a-w- c:\windows\system32\atiglpxx.dll 2014-08-12 13:34 . 2014-08-12 13:34 146944 ----a-w- c:\windows\system32\atig6txx.dll 2014-08-12 13:33 . 2014-08-12 13:33 133632 ----a-w- c:\windows\SysWow64\atigktxx.dll 2014-08-12 13:33 . 2014-08-12 13:33 557568 ----a-w- c:\windows\system32\drivers\atikmpag.sys 2014-08-12 13:28 . 2014-08-12 13:28 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll 2014-08-12 09:17 . 2014-08-12 09:17 51200 ----a-w- c:\windows\system32\kdbsdk64.dll 2014-08-12 09:12 . 2014-08-12 09:12 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll 2014-07-30 20:45 . 2014-07-30 20:45 262096 ----a-w- c:\windows\system32\gcp_portmon64.dll 2014-07-25 10:55 . 2014-05-15 10:50 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll 2014-07-24 21:47 . 2014-07-24 21:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll 2014-07-17 16:05 . 2014-07-17 16:05 269008 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2014-07-17 16:05 . 2013-09-27 08:53 125584 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2014-07-14 02:02 . 2014-08-14 01:27 1216000 ----a-w- c:\windows\system32\rpcrt4.dll 2014-07-14 01:40 . 2014-08-14 01:27 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll 2014-07-09 02:03 . 2014-08-14 01:27 7168 ----a-w- c:\windows\system32\KBDYAK.DLL 2014-07-09 02:03 . 2014-08-14 01:27 7168 ----a-w- c:\windows\system32\KBDTAT.DLL 2014-07-09 02:03 . 2014-08-14 01:27 7168 ----a-w- c:\windows\system32\KBDRU1.DLL 2014-07-09 02:03 . 2014-08-14 01:27 6656 ----a-w- c:\windows\system32\KBDRU.DLL 2014-07-09 02:03 . 2014-08-14 01:27 7168 ----a-w- c:\windows\system32\KBDBASH.DLL 2014-07-09 01:31 . 
2014-08-14 01:27 7168 ----a-w- c:\windows\SysWow64\KBDYAK.DLL 2014-07-09 01:31 . 2014-08-14 01:27 6656 ----a-w- c:\windows\SysWow64\KBDBASH.DLL . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2014-07-03 19:38 223432 ----a-w- c:\users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2014-07-03 19:38 223432 ----a-w- c:\users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2014-07-03 19:38 223432 ----a-w- c:\users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ScreenSplitter"="c:\program files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe" [2013-07-24 695296] "GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2014-08-07 688984] "AppEx Accelerator UI"="c:\program files\AMD Quick Stream\AMDQuickStream.exe" [2014-03-31 482528] "AEM"="c:\program files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe" [2014-07-16 1721128] "GoogleChromeAutoLaunch_678E52C622D3FEC81C940F43ECEEEB26"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-09-23 852808] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-08-05 751184] "StatusAlerts"="c:\program files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" [2012-07-18 313248] "FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2014-01-09 374784] "PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2014-06-04 191528] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-08-12 767200] "Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-08-27 164656] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2014-08-07 688984] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="userinit.exe" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "HP Software Update"=c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" . R2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x] R2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x] R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [x] R3 cpuz136;cpuz136;c:\users\SEBAST~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys;c:\users\SEBAST~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x] R3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;c:\windows\system32\DRIVERS\evolve.sys;c:\windows\SYSNATIVE\DRIVERS\evolve.sys [x] R3 getbus;getbus;c:\users\SEBAST~1\AppData\Local\Temp\getbus.sys;c:\users\SEBAST~1\AppData\Local\Temp\getbus.sys [x] R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x] R3 HP DS Service;HP DS Service;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe;c:\program files 
(x86)\HP\HPBDSService\HPBDSService.exe [x] R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x] R3 PDF Architect 2;PDF Architect 2;c:\program files (x86)\PDF Architect 2\ws.exe;c:\program files (x86)\PDF Architect 2\ws.exe [x] R3 pdfforge CrashHandler;pdfforge CrashHandler;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x] S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x] S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x] S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys;c:\windows\SYSNATIVE\drivers\vsock.sys [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x] S2 AEM Service5;AEM Service5;c:\program files (x86)\Namtuk\Automatic Email 
Manager\AEM-Service5.exe ;c:\program files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x] S2 AODDriver4.2.0;AODDriver4.2.0;c:\program files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys;c:\program files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys [x] S2 AODDriver4.3;AODDriver4.3;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x] S2 APXACC;AppEx Networks Accelerator LWF;c:\windows\system32\DRIVERS\appexDrv.sys;c:\windows\SYSNATIVE\DRIVERS\appexDrv.sys [x] S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x] S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x] S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x] S2 PDF Architect 2 Creator;PDF Architect 2 Creator;c:\program files (x86)\PDF Architect 2\creator-ws.exe;c:\program files (x86)\PDF Architect 2\creator-ws.exe [x] S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files 
(x86)\TeamViewer\Version9\TeamViewer_Service.exe [x] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x] S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x] S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys;c:\windows\SYSNATIVE\DRIVERS\amdhub30.sys [x] S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys;c:\windows\SYSNATIVE\DRIVERS\amdxhc.sys [x] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x] S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x] S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x] S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x] S3 ibtusb;Intel(R) Wireless Bluetooth(R) 4.0 + HS-Adapter;c:\windows\system32\DRIVERS\ibtusb.sys;c:\windows\SYSNATIVE\DRIVERS\ibtusb.sys [x] S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x] S3 usbfilter;AMD USB Filter 
Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2014-09-25 17:15 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2014-10-06 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29 14:42] . 2014-10-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-07 05:42] . 2014-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-07 05:42] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2014-07-03 19:38 262344 ----a-w- c:\users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2014-07-03 19:38 262344 ----a-w- c:\users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2014-07-03 19:38 262344 ----a-w- c:\users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2014-09-25 17:05 2334416 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2014-09-25 17:05 2334416 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2014-09-25 17:05 2334416 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-09-03 13651672] "BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-09-17 184112] "BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2013-05-21 7830328] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288] "NUSB3MON"="c:\program files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe" [2012-04-11 97280] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = about:blank mDefault_Search_URL = www.google.com mDefault_Page_URL = about:blank mStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm mSearch Page = www.google.com IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 LSP: %windir%\system32\vsocklib.dll TCP: DhcpNameServer = 192.168.0.1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKLM-Run-<NO NAME> - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-3995683688-22251476-601076843-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-3995683688-22251476-601076843-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe c:\windows\SysWOW64\vmnat.exe c:\program files (x86)\VMware\VMware Player\vmware-authd.exe c:\windows\SysWOW64\vmnetdhcp.exe c:\program files (x86)\TeamViewer\Version9\TeamViewer.exe c:\program files (x86)\TeamViewer\Version9\tv_w32.exe . ************************************************************************** . Zeit der Fertigstellung: 2014-10-06 18:04:33 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2014-10-06 16:04 . 
Vor Suchlauf: 15 Verzeichnis(se), 34.056.536.064 Bytes frei Nach Suchlauf: 19 Verzeichnis(se), 34.496.430.080 Bytes frei . - - End Of File - - A62F44EF9DB50996AF35D0B53D6C66F1 A36C5E4F47E84449FF07ED3517B43A31 |
07.10.2014, 13:38 | #6 |
/// the machine /// TB Trainer | Unknown Upload Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
13.10.2014, 13:08 | #7 |
| Unknown Upload Hello, here are the requested logs: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 13.10.2014 Scan Time: 13:38:34 Logfile: MBMA.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.10.13.02 Rootkit Database: v2014.10.11.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Sebastian Scan Type: Threat Scan Result: Completed Objects Scanned: 326347 Time Elapsed: 7 min, 54 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end) Code:
ATTFilter # AdwCleaner v4.000 - Bericht erstellt am 13/10/2014 um 13:58:41 # DB v2014-10-12.3 # Aktualisiert 12/10/2014 von Xplode # Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits) # Benutzername : Sebastian - SEBASTIAN-PC # Gestartet von : C:\Users\Sebastian\Downloads\AdwCleaner_4.000.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\Users\Sebastian\AppData\Roaming\pdfforge Ordner Gelöscht : C:\ProgramData\Tarma Installer ***** [ Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices Schlüssel Gelöscht : HKCU\Software\OCS ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17280 -\\ Google Chrome v37.0.2062.124 Gelöscht [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=FF&o=14594&locale=en_US&apn_uid=526931a6-e79f-40c6-8cb9-159bb43add78&apn_ptnrs=FV&apn_sauid=6A0DA348-3FCD-45FC-BA95-AE1F009416FC&apn_dtid=YYYYYYYYDE&q={searchTerms} ************************* AdwCleaner[R0].txt - [1081 octets] - [13/10/2014 13:57:02] AdwCleaner[S0].txt - [1199 octets] - [13/10/2014 13:58:41] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1259 octets] ########## Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.2 (10.09.2014:1)
OS: Windows 7 Professional x64
Ran by Sebastian on 13.10.2014 at 14:02:08,76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\CloudBerry Explorer for Amazon S3
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.10.2014 at 14:04:26,94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-10-2014 02
Ran by Sebastian (administrator) on SEBASTIAN-PC on 13-10-2014 14:06:14
Running from C:\Users\Sebastian\Downloads
Loaded Profile: Sebastian (Available profiles: Sebastian)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(Namtuk.com) C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe
(LG Electronics) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(TODO: <Company name>) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64App.exe
(Namtuk.com) C:\Program Files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\LG Electronics\Screen Split\bin\DDCCI.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\ProgramData\Avira\My Avira\Temp\avira_de.exe
(Avira Operations GmbH & Co. KG) C:\ProgramData\Avira\My Avira\Temp\avira_de.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe

==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [374784 2014-01-09] (shbox.de)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-06-04] (Geek Software GmbH)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-08-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [{9bd9b85e-7792-483b-a318-cc51ff0877ed}] => C:\ProgramData\Package Cache\{9bd9b85e-7792-483b-a318-cc51ff0877ed}\Avira.OE.Setup.Bundle.exe [757168 2014-10-13] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [ScreenSplitter] => C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe [695296 2013-07-24] (LG Electronics)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [AEM] => C:\Program Files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe [1721128 2014-07-16] (Namtuk.com)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [GoogleChromeAutoLaunch_678E52C622D3FEC81C940F43ECEEEB26] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-23] (Google Inc.)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)

==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCC7BE164C723CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/", "", "hxxp://www.google.com", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1403882782&from=kmp&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF133361R"
CHR DefaultSearchKeyword: Default -> google.de__
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-06-29]
CHR Extension: (Google Drive) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-29]
CHR Extension: (Google-Suche) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-29]
CHR Extension: (AdBlock) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-29]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2014-06-29]
CHR Extension: (Google Wallet) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-07]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2014-06-29]
CHR Extension: (Google Mail) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-29]

==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AEM Service5; C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe [334848 2014-07-16] (Namtuk.com) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-08-12] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [File not signed]
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738344 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software)

==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.2.0; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [225504 2014-03-28] (AppEx Networks Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [88376 2013-03-18] (Motorola Solutions, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1385272 2013-08-08] (Motorola Solutions, Inc.)
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-04-29] (Echobit, LLC)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-10-06] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-02-12] (REALiX(tm))
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [114632 2013-08-28] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw02.sys [3599840 2013-10-14] (Intel Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Users\SEBAST~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 getbus; \??\C:\Users\SEBAST~1\AppData\Local\Temp\getbus.sys [X]

==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-13 14:06 - 2014-10-13 14:06 - 00000000 ____D () C:\Users\Sebastian\Downloads\FRST-OlderVersion
2014-10-13 14:04 - 2014-10-13 14:04 - 00000780 _____ () C:\Users\Sebastian\Desktop\JRT.txt
2014-10-13 14:02 - 2014-10-13 14:02 - 00000000 ____D () C:\Windows\ERUNT
2014-10-13 14:01 - 2014-10-13 14:01 - 01705755 _____ (Thisisu) C:\Users\Sebastian\Downloads\JRT.exe
2014-10-13 13:56 - 2014-10-13 13:58 - 00000000 ____D () C:\AdwCleaner
2014-10-13 13:48 - 2014-10-13 13:48 - 01976320 _____ () C:\Users\Sebastian\Downloads\AdwCleaner_4.000.exe
2014-10-12 23:26 - 2014-10-12 23:26 - 00002775 _____ () C:\Users\Sebastian\Downloads\mailFilters.xml
2014-10-11 10:43 - 2014-10-11 11:14 - 00000000 ____D () C:\Users\Sebastian\Desktop\Neuer Ordner
2014-10-11 10:43 - 2014-10-11 10:43 - 01253033 _____ () C:\Users\Sebastian\Downloads\sb-v8-autoupdater.7z
2014-10-08 20:28 - 2014-10-08 20:30 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sebastian\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-10-06 18:04 - 2014-10-06 18:04 - 00029146 _____ () C:\ComboFix.txt
2014-10-06 17:58 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-10-06 17:58 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-10-06 17:58 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-10-06 17:54 - 2014-10-06 18:04 - 00000000 ____D () C:\Windows\erdnt
2014-10-06 17:54 - 2014-10-06 18:04 - 00000000 ____D () C:\Qoobox
2014-10-06 17:27 - 2014-10-06 17:28 - 05582481 ____R (Swearware) C:\Users\Sebastian\Downloads\ComboFix.exe
2014-10-02 13:02 - 2014-10-02 13:24 - 00000000 ____D () C:\Users\Sebastian\Desktop\mbar
2014-10-02 13:02 - 2014-10-02 13:24 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-10-02 13:00 - 2014-10-02 13:01 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Sebastian\Downloads\mbar-1.07.0.1012.exe
2014-10-02 12:58 - 2014-10-02 12:58 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Sebastian\Downloads\tdsskiller.exe
2014-10-02 12:16 - 2014-10-02 12:16 - 00043697 _____ () C:\Users\Sebastian\Downloads\Addition (2).txt
2014-10-02 12:15 - 2014-10-02 12:15 - 00046819 _____ () C:\Users\Sebastian\Downloads\FRST (2).txt
2014-10-02 11:43 - 2014-10-02 11:43 - 00046819 _____ () C:\Users\Sebastian\Downloads\FRST (1).txt
2014-10-02 11:43 - 2014-10-02 11:43 - 00043697 _____ () C:\Users\Sebastian\Downloads\Addition (1).txt
2014-10-02 11:37 - 2014-10-02 11:37 - 00043697 _____ () C:\Users\Sebastian\Downloads\Addition.txt
2014-10-02 11:36 - 2014-10-13 14:06 - 00021384 _____ () C:\Users\Sebastian\Downloads\FRST.txt
2014-10-02 11:36 - 2014-10-13 14:06 - 00000000 ____D () C:\FRST
2014-10-02 11:35 - 2014-10-13 14:06 - 02110464 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64.exe
2014-09-30 19:25 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 19:25 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-28 13:58 - 2014-09-28 13:59 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\TrafficMonitor
2014-09-28 13:58 - 2014-09-28 13:58 - 00000000 ____D () C:\ProgramData\TrafficMonitor
2014-09-28 13:57 - 2014-09-28 13:57 - 03469477 _____ () C:\Users\Sebastian\Downloads\trafficmsw.zip
2014-09-27 22:04 - 2014-09-27 22:04 - 00540302 _____ () C:\Users\Sebastian\Downloads\SeaGiant.zip
2014-09-24 17:09 - 2014-09-24 17:10 - 00000000 ____D () C:\Users\Sebastian\Desktop\SmartCC
2014-09-24 17:09 - 2014-09-24 17:09 - 01027788 _____ () C:\Users\Sebastian\Downloads\sb-v3.7z
2014-09-24 08:44 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 08:44 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 21:18 - 2014-09-23 21:22 - 18656495 _____ () C:\Users\Sebastian\Downloads\nightly (1).zip
2014-09-23 20:17 - 2014-09-23 20:17 - 00000000 ____D () C:\Users\Sebastian\Downloads\Postversand
2014-09-23 20:16 - 2014-09-23 20:16 - 01644283 _____ () C:\Users\Sebastian\Downloads\Postversand.zip
2014-09-23 20:03 - 2014-09-23 20:40 - 00036864 _____ () C:\Users\Sebastian\Downloads\Airline Mailing Address.xls
2014-09-22 20:41 - 2014-09-22 20:41 - 02324917 _____ () C:\Users\Sebastian\Downloads\crashcrawlerv8.zip
2014-09-22 18:47 - 2014-10-06 18:00 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-22 18:47 - 2014-09-22 18:47 - 00000000 ____D () C:\ProgramData\Licenses
2014-09-22 18:44 - 2014-09-22 18:44 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-09-22 18:43 - 2014-09-22 18:43 - 21407864 _____ (Simply Super Software ) C:\Users\Sebastian\Downloads\trjsetup690.exe
2014-09-22 15:04 - 2014-10-13 13:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-22 15:04 - 2014-09-22 15:04 - 00004698 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-22 15:04 - 2014-09-22 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-22 15:03 - 2014-10-08 20:30 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-22 15:03 - 2014-10-08 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-09-22 15:03 - 2014-10-08 20:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-09-22 15:03 - 2014-09-22 15:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-22 15:03 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-22 15:03 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-22 15:03 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-22 14:58 - 2014-09-22 14:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sebastian\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-22 14:02 - 2014-09-29 16:05 - 00000000 ____D () C:\Users\Sebastian\Desktop\HC 30
2014-09-22 14:02 - 2014-09-22 14:02 - 18656495 _____ () C:\Users\Sebastian\Downloads\nightly.zip
2014-09-20 12:32 - 2014-09-20 12:32 - 02320830 _____ () C:\Users\Sebastian\Downloads\CrashCrawlerV6.zip
2014-09-18 22:37 - 2014-09-18 22:37 - 00093734 _____ () C:\Users\Sebastian\Downloads\Compensation claim 1.jpeg
2014-09-18 22:37 - 2014-09-18 22:37 - 00082970 _____ () C:\Users\Sebastian\Downloads\Compensation claim 1 1.jpeg
2014-09-18 22:37 - 2014-09-18 22:37 - 00074757 _____ () C:\Users\Sebastian\Downloads\Compensation claim .jpeg
2014-09-18 22:29 - 2014-09-18 22:29 - 00082829 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris 2.jpeg
2014-09-18 22:29 - 2014-09-18 22:29 - 00075826 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris .jpeg
2014-09-18 22:28 - 2014-09-18 22:28 - 00096815 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris 1.jpeg
2014-09-18 01:04 - 2014-09-18 01:04 - 00002613 _____ () C:\Users\Sebastian\Downloads\BR.ALT-Robin.Schulz.and.Alligatoah-Willst.Du-WEB-DE-2014-VOiCE.torrent
2014-09-14 23:19 - 2014-09-14 23:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-09-14 23:18 - 2014-09-14 23:19 - 06057862 _____ (Tim Kosse) C:\Users\Sebastian\Downloads\FileZilla_3.9.0.5_win32-setup.exe
2014-09-13 21:16 - 2014-09-13 21:16 - 00763575 _____ () C:\Users\Sebastian\Downloads\ArenaValue.1.0.5.0.zip
2014-09-13 13:50 - 2014-10-13 13:59 - 00014580 _____ () C:\Windows\PFRO.log

==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-13 14:06 - 2014-08-05 19:12 - 00001147 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-10-13 14:06 - 2014-02-07 07:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-13 14:06 - 2014-02-07 07:47 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-13 14:06 - 2014-02-07 07:35 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-13 14:06 - 2014-02-07 07:26 - 01364265 _____ () C:\Windows\WindowsUpdate.log
2014-10-13 14:05 - 2011-04-12 09:43 - 00701996 _____ () C:\Windows\system32\perfh007.dat
2014-10-13 14:05 - 2011-04-12 09:43 - 00150662 _____ () C:\Windows\system32\perfc007.dat
2014-10-13 14:05 - 2009-07-14 07:13 - 01628294 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-13 14:00 - 2014-02-22 13:05 - 00000000 ____D () C:\ProgramData\VMware
2014-10-13 13:59 - 2014-09-12 19:28 - 00004316 _____ () C:\Windows\setupact.log
2014-10-13 13:59 - 2014-07-20 16:22 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2014-10-13 13:59 - 2014-02-07 07:42 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-13 13:59 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-13 13:42 - 2014-04-29 17:58 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-13 13:36 - 2014-02-07 01:37 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Battle.net
2014-10-13 13:14 - 2014-02-07 07:42 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-12 11:42 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-12 11:42 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-12 11:35 - 2014-07-30 22:45 - 00006300 _____ () C:\Windows\system32\debug.log
2014-10-12 00:54 - 2014-02-11 21:43 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Skype
2014-10-12 00:38 - 2014-02-07 18:22 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\netz
2014-10-08 19:21 - 2014-02-07 18:56 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-07 18:18 - 2014-03-05 23:29 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\HpUpdate
2014-10-06 18:04 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-10-06 18:03 - 2014-02-07 02:23 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-10-06 18:03 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-10-06 17:26 - 2014-02-12 21:34 - 00030528 _____ () C:\Windows\GVTDrv64.sys
2014-10-06 17:26 - 2014-02-12 21:34 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys
2014-10-02 01:41 - 2014-03-19 23:02 - 00000000 ____D () C:\Users\Sebastian\Desktop\Rechnungen refund.me
2014-09-30 01:55 - 2014-02-08 11:14 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\uTorrent
2014-09-28 01:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-25 19:17 - 2014-09-12 19:47 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-25 19:06 - 2014-06-13 19:59 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-24 16:42 - 2014-04-29 17:58 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-24 16:42 - 2014-04-29 17:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-24 16:42 - 2014-04-29 17:58 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-23 09:56 - 2014-02-07 19:00 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2014-09-23 02:59 - 2014-05-16 00:29 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler 2014-09-23 02:59 - 2014-02-22 02:30 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm 2014-09-22 18:20 - 2014-08-30 12:43 - 00000000 ____D () C:\Users\Sebastian\Downloads\latest (1) 2014-09-22 18:20 - 2014-08-08 16:25 - 00000000 ____D () C:\Users\Sebastian\Downloads\latest 2014-09-22 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME 2014-09-22 15:05 - 2014-05-15 12:50 - 00000000 ____D () C:\ProgramData\Oracle 2014-09-22 15:04 - 2014-05-15 12:49 - 00000000 ____D () C:\Program Files (x86)\Java 2014-09-22 13:56 - 2014-02-18 21:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-09-22 08:42 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-09-21 18:36 - 2014-02-08 13:34 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\vlc 2014-09-20 12:38 - 2014-09-07 13:22 - 00000000 ____D () C:\Users\Sebastian\Desktop\HC 2014-09-16 21:25 - 2014-08-30 01:06 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\FileZilla 2014-09-16 02:03 - 2014-06-14 19:30 - 00001112 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-09-16 02:03 - 2014-06-14 19:30 - 00001100 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk 2014-09-14 23:19 - 2014-08-30 01:05 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client Some content of TEMP: ==================== 
C:\Users\Sebastian\AppData\Local\Temp\avgnt.exe C:\Users\Sebastian\AppData\Local\Temp\Quarantine.exe C:\Users\Sebastian\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-06 17:48 ==================== End Of Log ============================ |
14.10.2014, 08:39 | #8 |
/// the machine /// TB trainer | Unknown upload
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems left?
__________________ Regards, schrauber
Proud Member of UNITE and ASAP since 2009
No help via PM! |
15.10.2014, 23:41 | #9 |
| Unknown upload
Hi,
unfortunately the problem persists; ESET apparently found a few things as well.
Regards,
krampf
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=db73c508ef80b64ba32d7060bb7ab9c6
# engine=20613
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-10-15 05:24:57
# local_time=2014-10-15 07:24:57 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 7945 26041922 0 0
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 2247721 36374291 0 0
# scanned=199188
# found=9
# cleaned=0
# scan_time=5013
sh=3B2C6F08E067B4013B78F0016E63214ADA4139F3 ft=1 fh=7486909139e87987 vn="Variante von Win32/Packed.NoobyProtect.G evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3995683688-22251476-601076843-1000\$RKKCKZE\SmartBotClient.exe"
sh=5B8C35A31F88C2C119610C67CBBFE60D690FD109 ft=1 fh=a6936b7a5812caae vn="Variante von Win32/Packed.NoobyProtect.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sebastian\Desktop\Neuer Ordner\DebugTool.exe"
sh=3F7117C4D7A1361BF7A8B9650C21CE6BF78AF0D5 ft=1 fh=cb4cec47b87b5c02 vn="Variante von Win32/Packed.NoobyProtect.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sebastian\Desktop\Neuer Ordner\ProfileCompiler.exe"
sh=6350DDA743CCE658B1377581C8E8734ED9A94A81 ft=1 fh=c4063b8e35df0a7a vn="Variante von Win32/Packed.NoobyProtect.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sebastian\Desktop\Neuer Ordner\SmartBotGUI.exe"
sh=2E79D609E04AE283CE9812B256A68D20A7F118FC ft=1 fh=271a9a06c5353ac6 vn="Variante von Win32/Packed.NoobyProtect.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sebastian\Desktop\Neuer Ordner\SmartBotUpdater.exe"
sh=446E344A4F539271FDC5389612B52FD10DC1D1DA ft=1 fh=7384d50452ea868f vn="Variante von Win32/InstallCore.QH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sebastian\Downloads\FileZilla_3.2.7.1_win32-setup.exe"
sh=7C2BE43355F8BC5B8EE5630EEB64687D30C56A45 ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.NoobyProtect.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sebastian\Downloads\sb-v3.7z"
sh=32D402D4DCA7FDB3D4EA98CD1853313D7DD7A3D0 ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.NoobyProtect.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sebastian\Downloads\sb-v8-autoupdater.7z"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Variante von Win32/Packed.NoobyProtect.G evtl. unerwünschte Anwendung" ac=I fn="${Memory}"
Code:
Results of screen317's Security Check version 0.99.87
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Microsoft Security Essentials
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
TuneUp Utilities 2014
TuneUp Utilities 2014 (de-DE)
TuneUp Utilities 2014
Java 7 Update 67
Adobe Flash Player 15.0.0.152
Adobe Reader XI
Google Chrome 37.0.2062.124
Google Chrome 38.0.2125.104
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-10-2014 02 Ran by Sebastian (administrator) on SEBASTIAN-PC on 16-10-2014 00:38:41 Running from C:\Users\Sebastian\Downloads Loaded Profile: Sebastian (Available profiles: Sebastian) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Namtuk.com) C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe (LG Electronics) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe (AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe (Namtuk.com) C:\Program Files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe (TODO: <Company name>) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64App.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe (shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE () C:\Program Files (x86)\LG Electronics\Screen Split\bin\DDCCI.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (Motorola Solutions, Inc.) 
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor) HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation) HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-14] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company) HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [374784 2014-01-09] (shbox.de) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-06-04] (Geek Software GmbH) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-08-12] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. 
KG) HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [ScreenSplitter] => C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe [695296 2013-07-24] (LG Electronics) HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries) HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation) HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [AEM] => C:\Program Files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe [1721128 2014-07-16] (Namtuk.com) HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [GoogleChromeAutoLaunch_678E52C622D3FEC81C940F43ECEEEB26] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-10] (Google Inc.) HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCC7BE164C723CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - 
C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH) Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.google.com/", "", "hxxp://www.google.com", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1403882782&from=kmp&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF133361R" CHR DefaultSearchKeyword: Default -> google.de__ CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-06-29] CHR Extension: (Google Drive) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-29] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07] CHR Extension: (YouTube) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-29] CHR Extension: (Google-Suche) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-29] CHR Extension: (AdBlock) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-29] CHR Extension: (Auto HD For YouTube™) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2014-06-29] CHR Extension: (Google Wallet) - 
C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-07] CHR Extension: (Checker Plus for Gmail™) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2014-06-29] CHR Extension: (Google Mail) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-29] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AEM Service5; C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe [334848 2014-07-16] (Namtuk.com) [File not signed] R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-08-12] (Advanced Micro Devices, Inc.) [File not signed] R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. 
KG) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation) S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries) S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed] R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [File not signed] S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-07-31] (Hewlett-Packard) [File not signed] R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation) S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH) R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738344 2014-04-30] (pdfforge GmbH) S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-07-31] (Hewlett-Packard) [File not signed] R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. 
The file will not be moved unless listed separately.) R2 AODDriver4.2.0; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices) R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [225504 2014-03-28] (AppEx Networks Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG) R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [88376 2013-03-18] (Motorola Solutions, Inc.) R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.) R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1385272 2013-08-08] (Motorola Solutions, Inc.) S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-04-29] (Echobit, LLC) S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-10-06] () R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-02-12] (REALiX(tm)) R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [114632 2013-08-28] (Intel Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation) R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw02.sys [3599840 2013-10-14] (Intel Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation) S1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software) R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.) 
S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 cpuz136; \??\C:\Users\SEBAST~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X] S3 getbus; \??\C:\Users\SEBAST~1\AppData\Local\Temp\getbus.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-15 19:44 - 2014-10-15 19:44 - 00854417 _____ () C:\Users\Sebastian\Downloads\SecurityCheck.exe 2014-10-15 17:57 - 2014-10-15 17:57 - 02347384 _____ (ESET) C:\Users\Sebastian\Downloads\esetsmartinstaller_deu.exe 2014-10-15 17:57 - 2014-10-15 17:57 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-10-14 09:42 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-10-14 09:42 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2014-10-14 09:42 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-10-14 09:42 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-10-13 20:28 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2014-10-13 20:28 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2014-10-13 20:28 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2014-10-13 20:28 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2014-10-13 20:28 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2014-10-13 20:28 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) 
C:\Windows\system32\tsgqec.dll 2014-10-13 20:28 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2014-10-13 20:28 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2014-10-13 20:28 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll 2014-10-13 20:28 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll 2014-10-13 20:28 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2014-10-13 20:28 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2014-10-13 20:28 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2014-10-13 20:28 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-10-13 20:28 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2014-10-13 20:28 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-10-13 20:28 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2014-10-13 20:28 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2014-10-13 20:28 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys 2014-10-13 20:28 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll 2014-10-13 20:28 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll 2014-10-13 20:27 - 2012-09-28 02:11 - 00407552 _____ (Hewlett-Packard Corporation) C:\Windows\system32\hpcpn140.dll 2014-10-13 20:27 - 2012-09-28 02:05 - 00408576 _____ () C:\Windows\SysWOW64\hpcc3140.DLL 2014-10-13 20:26 - 2012-08-30 19:52 - 00512512 _____ (HP) 
C:\Windows\SysWOW64\hpcdmc32.DLL 2014-10-13 14:08 - 2014-10-13 14:08 - 00000000 ____D () C:\ProgramData\CloudBerry Explorer for Amazon S3 2014-10-13 14:06 - 2014-10-16 00:38 - 00000000 ____D () C:\Users\Sebastian\Downloads\FRST-OlderVersion 2014-10-13 14:04 - 2014-10-13 14:04 - 00000780 _____ () C:\Users\Sebastian\Desktop\JRT.txt 2014-10-13 14:02 - 2014-10-13 14:02 - 00000000 ____D () C:\Windows\ERUNT 2014-10-13 14:01 - 2014-10-13 14:01 - 01705755 _____ (Thisisu) C:\Users\Sebastian\Downloads\JRT.exe 2014-10-13 13:56 - 2014-10-13 13:58 - 00000000 ____D () C:\AdwCleaner 2014-10-13 13:48 - 2014-10-13 13:48 - 01976320 _____ () C:\Users\Sebastian\Downloads\AdwCleaner_4.000.exe 2014-10-12 23:26 - 2014-10-12 23:26 - 00002775 _____ () C:\Users\Sebastian\Downloads\mailFilters.xml 2014-10-11 10:43 - 2014-10-14 01:03 - 00000000 ____D () C:\Users\Sebastian\Desktop\Neuer Ordner 2014-10-11 10:43 - 2014-10-11 10:43 - 01253033 _____ () C:\Users\Sebastian\Downloads\sb-v8-autoupdater.7z 2014-10-08 20:28 - 2014-10-08 20:30 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sebastian\Downloads\mbam-setup-2.0.2.1012 (1).exe 2014-10-06 18:04 - 2014-10-06 18:04 - 00029146 _____ () C:\ComboFix.txt 2014-10-06 17:58 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-10-06 17:58 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-10-06 17:58 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-10-06 17:58 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-10-06 17:58 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-10-06 17:58 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-10-06 17:58 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-10-06 17:58 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-10-06 17:54 - 2014-10-06 18:04 - 00000000 ____D () C:\Windows\erdnt 2014-10-06 17:54 - 2014-10-06 18:04 - 00000000 ____D () C:\Qoobox 2014-10-06 17:27 - 2014-10-06 
17:28 - 05582481 ____R (Swearware) C:\Users\Sebastian\Downloads\ComboFix.exe 2014-10-02 13:02 - 2014-10-02 13:24 - 00000000 ____D () C:\Users\Sebastian\Desktop\mbar 2014-10-02 13:02 - 2014-10-02 13:24 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-10-02 13:00 - 2014-10-02 13:01 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Sebastian\Downloads\mbar-1.07.0.1012.exe 2014-10-02 12:58 - 2014-10-02 12:58 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Sebastian\Downloads\tdsskiller.exe 2014-10-02 12:16 - 2014-10-02 12:16 - 00043697 _____ () C:\Users\Sebastian\Downloads\Addition (2).txt 2014-10-02 12:15 - 2014-10-02 12:15 - 00046819 _____ () C:\Users\Sebastian\Downloads\FRST (2).txt 2014-10-02 11:43 - 2014-10-02 11:43 - 00046819 _____ () C:\Users\Sebastian\Downloads\FRST (1).txt 2014-10-02 11:43 - 2014-10-02 11:43 - 00043697 _____ () C:\Users\Sebastian\Downloads\Addition (1).txt 2014-10-02 11:37 - 2014-10-02 11:37 - 00043697 _____ () C:\Users\Sebastian\Downloads\Addition.txt 2014-10-02 11:36 - 2014-10-16 00:38 - 00021033 _____ () C:\Users\Sebastian\Downloads\FRST.txt 2014-10-02 11:36 - 2014-10-16 00:38 - 00000000 ____D () C:\FRST 2014-10-02 11:35 - 2014-10-16 00:38 - 02111488 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64.exe 2014-09-30 19:25 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-09-30 19:25 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2014-09-28 13:58 - 2014-09-28 13:59 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\TrafficMonitor 2014-09-28 13:58 - 2014-09-28 13:58 - 00000000 ____D () C:\ProgramData\TrafficMonitor 2014-09-28 13:57 - 2014-09-28 13:57 - 03469477 _____ () C:\Users\Sebastian\Downloads\trafficmsw.zip 2014-09-27 22:04 - 2014-09-27 22:04 - 00540302 _____ () C:\Users\Sebastian\Downloads\SeaGiant.zip 2014-09-24 17:09 - 2014-09-24 17:09 - 01027788 _____ () C:\Users\Sebastian\Downloads\sb-v3.7z 2014-09-24 08:44 - 2014-09-10 
00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-09-24 08:44 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-09-23 21:18 - 2014-09-23 21:22 - 18656495 _____ () C:\Users\Sebastian\Downloads\nightly (1).zip 2014-09-23 20:17 - 2014-09-23 20:17 - 00000000 ____D () C:\Users\Sebastian\Downloads\Postversand 2014-09-23 20:16 - 2014-09-23 20:16 - 01644283 _____ () C:\Users\Sebastian\Downloads\Postversand.zip 2014-09-23 20:03 - 2014-09-23 20:40 - 00036864 _____ () C:\Users\Sebastian\Downloads\Airline Mailing Address.xls 2014-09-22 20:41 - 2014-09-22 20:41 - 02324917 _____ () C:\Users\Sebastian\Downloads\crashcrawlerv8.zip 2014-09-22 18:47 - 2014-10-06 18:00 - 00000000 ____D () C:\ProgramData\TEMP 2014-09-22 18:47 - 2014-09-22 18:47 - 00000000 ____D () C:\ProgramData\Licenses 2014-09-22 18:44 - 2014-09-22 18:44 - 00000000 ____D () C:\ProgramData\Simply Super Software 2014-09-22 18:43 - 2014-09-22 18:43 - 21407864 _____ (Simply Super Software ) C:\Users\Sebastian\Downloads\trjsetup690.exe 2014-09-22 15:04 - 2014-10-13 13:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-22 15:04 - 2014-09-22 15:04 - 00004698 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log 2014-09-22 15:04 - 2014-09-22 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-09-22 15:03 - 2014-10-08 20:30 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-09-22 15:03 - 2014-10-08 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-09-22 15:03 - 2014-10-08 20:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-09-22 15:03 - 2014-09-22 15:03 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-22 15:03 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-09-22 15:03 - 
2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-09-22 15:03 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-09-22 14:58 - 2014-09-22 14:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sebastian\Downloads\mbam-setup-2.0.2.1012.exe 2014-09-22 14:02 - 2014-09-22 14:02 - 18656495 _____ () C:\Users\Sebastian\Downloads\nightly.zip 2014-09-20 12:32 - 2014-09-20 12:32 - 02320830 _____ () C:\Users\Sebastian\Downloads\CrashCrawlerV6.zip 2014-09-18 22:37 - 2014-09-18 22:37 - 00093734 _____ () C:\Users\Sebastian\Downloads\Compensation claim 1.jpeg 2014-09-18 22:37 - 2014-09-18 22:37 - 00082970 _____ () C:\Users\Sebastian\Downloads\Compensation claim 1 1.jpeg 2014-09-18 22:37 - 2014-09-18 22:37 - 00074757 _____ () C:\Users\Sebastian\Downloads\Compensation claim .jpeg 2014-09-18 22:29 - 2014-09-18 22:29 - 00082829 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris 2.jpeg 2014-09-18 22:29 - 2014-09-18 22:29 - 00075826 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris .jpeg 2014-09-18 22:28 - 2014-09-18 22:28 - 00096815 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris 1.jpeg 2014-09-18 01:04 - 2014-09-18 01:04 - 00002613 _____ () C:\Users\Sebastian\Downloads\BR.ALT-Robin.Schulz.and.Alligatoah-Willst.Du-WEB-DE-2014-VOiCE.torrent ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-10-16 00:35 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-16 00:35 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-16 00:14 - 2014-02-07 07:42 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-15 23:42 - 2014-04-29 17:58 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-15 23:14 - 2014-02-07 07:42 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-15 22:25 - 2014-02-07 07:26 - 01734867 _____ () C:\Windows\WindowsUpdate.log 2014-10-15 20:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-10-15 20:14 - 2011-04-12 09:43 - 00701996 _____ () C:\Windows\system32\perfh007.dat 2014-10-15 20:14 - 2011-04-12 09:43 - 00150662 _____ () C:\Windows\system32\perfc007.dat 2014-10-15 20:14 - 2009-07-14 07:13 - 01628294 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-10-15 20:10 - 2014-09-12 19:28 - 00004540 _____ () C:\Windows\setupact.log 2014-10-15 20:10 - 2014-07-30 22:45 - 00006840 _____ () C:\Windows\system32\debug.log 2014-10-15 20:10 - 2014-02-22 13:05 - 00000000 ____D () C:\ProgramData\VMware 2014-10-15 20:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-15 20:09 - 2014-07-20 16:22 - 00065536 _____ () C:\Windows\system32\spu_storage.bin 2014-10-15 20:08 - 2014-02-07 01:37 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Battle.net 2014-10-15 17:19 - 2014-09-12 19:47 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-10-15 17:16 - 2014-02-07 18:56 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-10-14 11:35 - 2014-02-18 18:34 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-10-14 11:35 - 2014-02-07 07:47 - 00131608 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avipbb.sys 2014-10-14 11:35 - 2014-02-07 07:47 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-10-13 20:30 - 2014-09-13 13:50 - 00019612 _____ () C:\Windows\PFRO.log 2014-10-13 20:30 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-10-13 20:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-10-13 20:28 - 2014-02-07 07:33 - 01601638 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-10-13 14:06 - 2014-08-05 19:12 - 00001147 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-10-13 14:06 - 2014-02-07 07:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-10-13 14:06 - 2014-02-07 07:47 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-10-13 14:06 - 2014-02-07 07:35 - 00000000 ____D () C:\ProgramData\Package Cache 2014-10-12 00:54 - 2014-02-11 21:43 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Skype 2014-10-12 00:38 - 2014-02-07 18:22 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\netz 2014-10-07 18:18 - 2014-03-05 23:29 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\HpUpdate 2014-10-06 18:04 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2014-10-06 18:03 - 2014-02-07 02:23 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys 2014-10-06 18:03 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-10-06 17:26 - 2014-02-12 21:34 - 00030528 _____ () C:\Windows\GVTDrv64.sys 2014-10-06 17:26 - 2014-02-12 21:34 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys 2014-10-02 01:41 - 2014-03-19 23:02 - 00000000 ____D () C:\Users\Sebastian\Desktop\Rechnungen refund.me 2014-09-30 01:55 - 2014-02-08 11:14 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\uTorrent 2014-09-25 19:06 - 2014-06-13 19:59 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-09-24 16:42 - 2014-04-29 
17:58 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-24 16:42 - 2014-04-29 17:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-24 16:42 - 2014-04-29 17:58 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-23 09:56 - 2014-02-07 19:00 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2014-09-23 02:59 - 2014-05-16 00:29 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler 2014-09-23 02:59 - 2014-02-22 02:30 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm 2014-09-22 18:20 - 2014-08-30 12:43 - 00000000 ____D () C:\Users\Sebastian\Downloads\latest (1) 2014-09-22 18:20 - 2014-08-08 16:25 - 00000000 ____D () C:\Users\Sebastian\Downloads\latest 2014-09-22 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME 2014-09-22 15:05 - 2014-05-15 12:50 - 00000000 ____D () C:\ProgramData\Oracle 2014-09-22 15:04 - 2014-05-15 12:49 - 00000000 ____D () C:\Program Files (x86)\Java 2014-09-22 13:56 - 2014-02-18 21:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-09-22 08:42 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-09-21 18:36 - 2014-02-08 13:34 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\vlc 2014-09-16 21:25 - 2014-08-30 01:06 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\FileZilla 2014-09-16 02:03 - 2014-06-14 19:30 - 00001112 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-09-16 02:03 - 2014-06-14 19:30 - 00001100 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk Some content of TEMP: ==================== C:\Users\Sebastian\AppData\Local\Temp\avgnt.exe C:\Users\Sebastian\AppData\Local\Temp\Quarantine.exe C:\Users\Sebastian\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic 
fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-16 00:03 ==================== End Of Log ============================ |
16.10.2014, 18:32 | #10 |
/// the machine /// TB instructor | Unknown upload You are the one who can best describe the ESET findings, after all. What is all that nonsense in the desktop folder?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
18.10.2014, 23:13 | #11 |
| Unknown upload So, I went through everything again from the beginning after removing everything that was reported. FRST logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-10-2014 01 Ran by Sebastian (administrator) on SEBASTIAN-PC on 18-10-2014 21:07:03 Running from C:\Users\Sebastian\Downloads Loaded Profile: Sebastian (Available profiles: Sebastian) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Namtuk.com) C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe (LG Electronics) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe (AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe (Namtuk.com) C:\Program Files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (TODO: <Company name>) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64App.exe (Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe (shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE () C:\Program Files (x86)\LG Electronics\Screen Split\bin\DDCCI.exe (VMware, Inc.) 
C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe (Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.5134\Battle.net.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe () C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe () C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor) HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation) HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company) HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [374784 2014-01-09] (shbox.de) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-06-04] (Geek Software GmbH) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-08-12] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. 
KG) HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [ScreenSplitter] => C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe [695296 2013-07-24] (LG Electronics) HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries) HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation) HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [AEM] => C:\Program Files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe [1721128 2014-07-16] (Namtuk.com) HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [GoogleChromeAutoLaunch_678E52C622D3FEC81C940F43ECEEEB26] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-10] (Google Inc.) HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [2699344 2011-11-26] (Plex, Inc.) HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCC7BE164C723CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - 
C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH) Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.google.com/", "", "hxxp://www.google.com", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1403882782&from=kmp&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF133361R" CHR DefaultSearchKeyword: Default -> google.de__ CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-06-29] CHR Extension: (Google Drive) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-29] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07] CHR Extension: (YouTube) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-29] CHR Extension: (Google-Suche) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-29] CHR Extension: (AdBlock) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-29] CHR Extension: (Auto HD For YouTube™) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2014-06-29] CHR Extension: (Google Wallet) - 
C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-07]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2014-06-29]
CHR Extension: (Google Mail) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-29]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AEM Service5; C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe [334848 2014-07-16] (Namtuk.com) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-08-12] (Advanced Micro Devices, Inc.) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [File not signed]
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-07-31] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738344 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-07-31] (Hewlett-Packard) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.2.0; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [225504 2014-03-28] (AppEx Networks Corporation)
R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [88376 2013-03-18] (Motorola Solutions, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1385272 2013-08-08] (Motorola Solutions, Inc.)
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-04-29] (Echobit, LLC)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-10-06] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-02-12] (REALiX(tm))
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [114632 2013-08-28] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw02.sys [3599840 2013-10-14] (Intel Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R4 avkmgr; system32\DRIVERS\avkmgr.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Users\SEBAST~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 getbus; \??\C:\Users\SEBAST~1\AppData\Local\Temp\getbus.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-18 16:46 - 2014-10-18 16:46 - 00000000 _____ () C:\ProgramData\rebootpending.txt
2014-10-18 11:21 - 2014-10-18 11:21 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Apple Computer
2014-10-18 11:21 - 2014-10-18 11:21 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Plex Media Server
2014-10-18 11:21 - 2014-10-18 11:21 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Apple Computer
2014-10-18 11:21 - 2014-10-18 11:21 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-10-18 11:20 - 2014-10-18 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2014-10-18 11:19 - 2014-10-18 11:19 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-10-18 11:16 - 2014-10-18 11:16 - 00000000 ____D () C:\ProgramData\Apple
2014-10-18 11:16 - 2014-10-18 11:16 - 00000000 ____D () C:\Program Files\Bonjour
2014-10-18 11:16 - 2014-10-18 11:16 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-10-18 11:11 - 2014-10-18 11:36 - 173681482 _____ () C:\Users\Sebastian\Downloads\smartshare.zip
2014-10-18 11:11 - 2014-10-18 11:12 - 52385872 _____ (Microsoft Corporation) C:\Users\Sebastian\Downloads\Plex-Media-Server-v0.9.502-en-US.exe
2014-10-16 23:32 - 2014-10-16 23:32 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-16 23:32 - 2014-10-16 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-16 19:55 - 2014-10-16 19:55 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-10-15 19:44 - 2014-10-15 19:44 - 00854417 _____ () C:\Users\Sebastian\Downloads\SecurityCheck.exe
2014-10-15 17:57 - 2014-10-15 17:57 - 02347384 _____ (ESET) C:\Users\Sebastian\Downloads\esetsmartinstaller_deu.exe
2014-10-15 17:15 - 2014-10-10 04:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 17:15 - 2014-10-10 04:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 17:15 - 2014-10-10 04:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 17:15 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 17:15 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 17:15 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 17:15 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 17:15 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 17:15 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 17:15 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 17:15 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 17:15 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 17:15 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 17:15 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 17:15 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 17:15 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 17:15 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 17:15 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 17:15 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 17:15 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 17:15 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 17:15 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 17:15 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 17:15 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 17:15 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 17:15 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 17:15 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 17:15 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 17:15 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 17:15 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 17:15 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 17:15 - 2014-09-19 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 17:15 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 17:15 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 17:15 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 17:15 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 17:15 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 17:15 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 17:15 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 17:15 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 17:15 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 17:15 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 17:15 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 17:15 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 17:15 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 17:15 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 17:15 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 17:15 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 17:15 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 17:15 - 2014-09-19 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 17:15 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 17:15 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 17:15 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 17:15 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 17:15 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 17:15 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 17:15 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 17:15 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 17:15 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 17:15 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 17:15 - 2014-08-19 05:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 17:15 - 2014-08-19 05:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 17:15 - 2014-08-19 05:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 17:15 - 2014-08-19 05:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 17:15 - 2014-08-19 05:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 17:15 - 2014-08-19 05:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 17:15 - 2014-08-19 05:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 17:15 - 2014-08-19 05:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 17:15 - 2014-08-19 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 17:15 - 2014-08-19 05:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 17:15 - 2014-08-19 04:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 17:15 - 2014-08-19 04:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 17:15 - 2014-08-19 04:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 17:15 - 2014-07-07 04:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 17:15 - 2014-07-07 04:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 17:15 - 2014-07-07 04:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 17:15 - 2014-07-07 04:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 17:15 - 2014-07-07 04:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 17:15 - 2014-07-07 04:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 17:15 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 17:15 - 2014-07-07 04:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 17:15 - 2014-07-07 04:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 17:15 - 2014-07-07 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 17:15 - 2014-07-07 03:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 17:15 - 2014-07-07 03:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 17:15 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 17:15 - 2014-07-07 03:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 17:15 - 2014-07-07 03:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 17:15 - 2014-07-07 03:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 17:15 - 2014-07-07 03:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 17:15 - 2014-07-07 03:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 17:15 - 2014-07-07 03:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 17:15 - 2014-06-28 02:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 17:15 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 17:15 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 17:15 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 17:15 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 17:15 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 17:15 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 17:15 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 17:15 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 17:14 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 17:14 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 17:14 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 17:14 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 17:14 - 2014-09-05 04:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 17:14 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 17:14 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 17:14 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 17:14 - 2014-08-29 04:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 17:14 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 17:14 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 17:14 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 17:14 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 17:14 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 17:14 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 17:14 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 17:14 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 17:14 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 17:14 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 17:14 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-14 09:42 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-10-13 20:28 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-10-13 20:28 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-10-13 20:28 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-10-13 20:28 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-10-13 20:28 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-10-13 20:28 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-13 20:28 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-10-13 20:28 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-10-13 20:28 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-10-13 20:28 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-10-13 20:28 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-10-13 20:28 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-10-13 20:28 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-10-13 20:28 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-13 20:28 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-10-13 20:28 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-13 20:28 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-10-13 20:28 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-10-13 20:28 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-10-13 20:28 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-10-13 20:28 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-10-13 20:27 - 2012-09-28 02:11 - 00407552 _____ (Hewlett-Packard Corporation) C:\Windows\system32\hpcpn140.dll
2014-10-13 20:27 - 2012-09-28 02:05 - 00408576 _____ () C:\Windows\SysWOW64\hpcc3140.DLL
2014-10-13 20:26 - 2012-08-30 19:52 - 00512512 _____ (HP) C:\Windows\SysWOW64\hpcdmc32.DLL
2014-10-13 14:08 - 2014-10-13 14:08 - 00000000 ____D () C:\ProgramData\CloudBerry Explorer for Amazon S3
2014-10-13 14:06 - 2014-10-18 21:06 - 00000000 ____D () C:\Users\Sebastian\Downloads\FRST-OlderVersion
2014-10-13 14:04 - 2014-10-13 14:04 - 00000780 _____ () C:\Users\Sebastian\Desktop\JRT.txt
2014-10-13 14:02 - 2014-10-13 14:02 - 00000000 ____D () C:\Windows\ERUNT
2014-10-13 14:01 - 2014-10-13 14:01 - 01705755 _____ (Thisisu) C:\Users\Sebastian\Downloads\JRT.exe
2014-10-13 13:56 - 2014-10-13 13:58 - 00000000 ____D () C:\AdwCleaner
2014-10-13 13:48 - 2014-10-13 13:48 - 01976320 _____ () C:\Users\Sebastian\Downloads\AdwCleaner_4.000.exe
2014-10-12 23:26 - 2014-10-12 23:26 - 00002775 _____ () C:\Users\Sebastian\Downloads\mailFilters.xml
2014-10-11 10:43 - 2014-10-11 10:43 - 01253033 _____ () C:\Users\Sebastian\Downloads\sb-v8-autoupdater.7z
2014-10-08 20:28 - 2014-10-08 20:30 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sebastian\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-10-06 18:04 - 2014-10-06 18:04 - 00029146 _____ () C:\ComboFix.txt
2014-10-06 17:58 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-10-06 17:58 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-10-06 17:58 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-10-06 17:54 - 2014-10-06 18:04 - 00000000 ____D () C:\Windows\erdnt
2014-10-06 17:54 - 2014-10-06 18:04 - 00000000 ____D () C:\Qoobox
2014-10-06 17:27 - 2014-10-06 17:28 - 05582481 ____R (Swearware) C:\Users\Sebastian\Downloads\ComboFix.exe
2014-10-02 13:02 - 2014-10-02 13:24 - 00000000 ____D () C:\Users\Sebastian\Desktop\mbar
2014-10-02 13:02 - 2014-10-02 13:24 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-10-02 13:00 - 2014-10-02 13:01 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Sebastian\Downloads\mbar-1.07.0.1012.exe
2014-10-02 12:58 - 2014-10-02 12:58 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Sebastian\Downloads\tdsskiller.exe
2014-10-02 12:16 - 2014-10-02 12:16 - 00043697 _____ () C:\Users\Sebastian\Downloads\Addition (2).txt
2014-10-02 12:15 - 2014-10-02 12:15 - 00046819 _____ () C:\Users\Sebastian\Downloads\FRST (2).txt
2014-10-02 11:43 - 2014-10-02 11:43 - 00046819 _____ () C:\Users\Sebastian\Downloads\FRST (1).txt
2014-10-02 11:43 - 2014-10-02 11:43 - 00043697 _____ () C:\Users\Sebastian\Downloads\Addition (1).txt
2014-10-02 11:37 - 2014-10-02 11:37 - 00043697 _____ () C:\Users\Sebastian\Downloads\Addition.txt
2014-10-02 11:36 - 2014-10-18 21:07 - 00021313 _____ () C:\Users\Sebastian\Downloads\FRST.txt
2014-10-02 11:36 - 2014-10-18 21:07 - 00000000 ____D () C:\FRST
2014-10-02 11:35 - 2014-10-18 21:06 - 02112000 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64.exe
2014-09-30 19:25 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 19:25 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-28 13:58 - 2014-09-28 13:59 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\TrafficMonitor
2014-09-28 13:58 - 2014-09-28 13:58 - 00000000 ____D () C:\ProgramData\TrafficMonitor
2014-09-28 13:57 - 2014-09-28 13:57 - 03469477 _____ () C:\Users\Sebastian\Downloads\trafficmsw.zip
2014-09-27 22:04 - 2014-09-27 22:04 - 00540302 _____ () C:\Users\Sebastian\Downloads\SeaGiant.zip
2014-09-24 17:09 - 2014-09-24 17:09 - 01027788 _____ () C:\Users\Sebastian\Downloads\sb-v3.7z
2014-09-24 08:44 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 08:44 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 21:18 - 2014-09-23 21:22 - 18656495 _____ () C:\Users\Sebastian\Downloads\nightly (1).zip
2014-09-23 20:17 - 2014-09-23 20:17 - 00000000 ____D () C:\Users\Sebastian\Downloads\Postversand
2014-09-23 20:16 - 2014-09-23 20:16 - 01644283 _____ () C:\Users\Sebastian\Downloads\Postversand.zip
2014-09-23 20:03 - 2014-09-23 20:40 - 00036864 _____ () C:\Users\Sebastian\Downloads\Airline Mailing Address.xls
2014-09-22 20:41 - 2014-09-22 20:41 - 02324917 _____ () C:\Users\Sebastian\Downloads\crashcrawlerv8.zip
2014-09-22 18:47 - 2014-10-06 18:00 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-22 18:47 - 2014-09-22 18:47 - 00000000 ____D () C:\ProgramData\Licenses
2014-09-22 18:44 - 2014-09-22 18:44 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-09-22 18:43 - 2014-09-22 18:43 - 21407864 _____ (Simply Super Software ) C:\Users\Sebastian\Downloads\trjsetup690.exe
2014-09-22 15:04 - 2014-10-18 17:10 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-22 15:04 - 2014-09-22 15:04 - 00004698 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-22 15:04 - 2014-09-22 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-22 15:03 - 2014-10-08 20:30 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-22 15:03 - 2014-10-08 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-09-22 15:03 - 2014-10-08 20:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-09-22 15:03 - 2014-09-22 15:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-22 15:03 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-22 15:03 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-22 15:03 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-22 14:58 - 2014-09-22 14:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sebastian\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-22 14:02 - 2014-09-22 14:02 - 18656495 _____ () C:\Users\Sebastian\Downloads\nightly.zip
2014-09-20 12:32 - 2014-09-20 12:32 - 02320830 _____ () C:\Users\Sebastian\Downloads\CrashCrawlerV6.zip
2014-09-18 22:37 - 2014-09-18 22:37 - 00093734 _____ () C:\Users\Sebastian\Downloads\Compensation claim 1.jpeg
2014-09-18 22:37 - 2014-09-18 22:37 - 00082970 _____ () C:\Users\Sebastian\Downloads\Compensation claim 1 1.jpeg
2014-09-18 22:37 - 2014-09-18 22:37 - 00074757 _____ () C:\Users\Sebastian\Downloads\Compensation claim .jpeg
2014-09-18 22:29 - 2014-09-18 22:29 - 00082829 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris 2.jpeg
2014-09-18 22:29 - 2014-09-18 22:29 - 00075826 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris .jpeg
2014-09-18 22:28 - 2014-09-18 22:28 - 00096815 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris 1.jpeg
2014-09-18 01:04 - 2014-09-18 01:04 - 00002613 _____ () C:\Users\Sebastian\Downloads\BR.ALT-Robin.Schulz.and.Alligatoah-Willst.Du-WEB-DE-2014-VOiCE.torrent

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-18 21:04 - 2014-02-07 01:37 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Battle.net
2014-10-18 20:42 - 2014-04-29 17:58 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-18 20:14 - 2014-02-07 07:42 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-18 18:09 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-18 18:09 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-18 16:46 - 2014-02-07 07:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-18 12:13 - 2014-02-07 07:26 - 01924562 _____ () C:\Windows\WindowsUpdate.log
2014-10-18 10:26 - 2011-04-12 09:43 - 00701996 _____ () C:\Windows\system32\perfh007.dat
2014-10-18 10:26 - 2011-04-12 09:43 - 00150662 _____ () C:\Windows\system32\perfc007.dat
2014-10-18 10:26 - 2009-07-14 07:13 - 01628294 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-18 10:20 - 2014-02-22 13:05 - 00000000 ____D () C:\ProgramData\VMware
2014-10-18 10:19 - 2014-09-12 19:28 - 00004932 _____ () C:\Windows\setupact.log
2014-10-18 10:19 - 2014-07-30 22:45 - 00007290 _____ () C:\Windows\system32\debug.log
2014-10-18 10:19 - 2014-02-07 07:42 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-18 10:19 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-18 02:39 - 2014-07-20 16:22 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2014-10-17 00:59 - 2014-02-11 21:43 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Skype
2014-10-16 23:52 - 2014-02-07 18:22 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\netz
2014-10-16 23:32 - 2014-02-11 21:43 - 00000000 ____D () C:\ProgramData\Skype
2014-10-16 19:58 - 2014-02-22 13:07 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\VMware
2014-10-16 19:57 - 2014-02-22 13:07 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\VMware
2014-10-16 08:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 07:24 - 2014-09-13 13:50 - 00020296 _____ () C:\Windows\PFRO.log
2014-10-16 07:24 - 2009-07-14 06:45 - 00328664 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 07:23 - 2014-04-30 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 07:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 07:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-16 03:03 - 2014-02-07 02:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 03:00 - 2014-02-07 02:14 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 17:19 - 2014-09-12 19:47 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-15 17:16 - 2014-02-07 18:56 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-13 20:30 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-13 20:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-13 20:28 - 2014-02-07 07:33 - 01601638 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-10-13 14:06 - 2014-08-05 19:12 - 00001147 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-10-13 14:06 - 2014-02-07 07:47 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-13 14:06 - 2014-02-07 07:35 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-07 18:18 - 2014-03-05 23:29 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\HpUpdate
2014-10-06 18:04 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-10-06 18:03 - 2014-02-07 02:23 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-10-06 18:03 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-10-06 17:26 - 2014-02-12 21:34 - 00030528 _____ () C:\Windows\GVTDrv64.sys
2014-10-06 17:26 - 2014-02-12 21:34 - 00025640
_____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys 2014-10-02 01:41 - 2014-03-19 23:02 - 00000000 ____D () C:\Users\Sebastian\Desktop\Rechnungen refund.me 2014-09-30 01:55 - 2014-02-08 11:14 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\uTorrent 2014-09-25 19:06 - 2014-06-13 19:59 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-09-24 16:42 - 2014-04-29 17:58 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-24 16:42 - 2014-04-29 17:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-24 16:42 - 2014-04-29 17:58 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-23 09:56 - 2014-02-07 19:00 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2014-09-23 02:59 - 2014-05-16 00:29 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler 2014-09-23 02:59 - 2014-02-22 02:30 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm 2014-09-22 18:20 - 2014-08-30 12:43 - 00000000 ____D () C:\Users\Sebastian\Downloads\latest (1) 2014-09-22 18:20 - 2014-08-08 16:25 - 00000000 ____D () C:\Users\Sebastian\Downloads\latest 2014-09-22 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME 2014-09-22 15:05 - 2014-05-15 12:50 - 00000000 ____D () C:\ProgramData\Oracle 2014-09-22 15:04 - 2014-05-15 12:49 - 00000000 ____D () C:\Program Files (x86)\Java 2014-09-22 13:56 - 2014-02-18 21:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-09-22 08:42 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-09-21 18:36 - 2014-02-08 13:34 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\vlc Some content of TEMP: ==================== C:\Users\Sebastian\AppData\Local\Temp\avgnt.exe C:\Users\Sebastian\AppData\Local\Temp\Quarantine.exe C:\Users\Sebastian\AppData\Local\Temp\sqlite3.dll 
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-16 00:03
==================== End Of Log ============================
|
18.10.2014, 23:15 | #12 |
| Unknown Upload
Code:
ATTFilter 21:12:53.0976 0x0cf4 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58 21:12:55.0806 0x0cf4 ============================================================ 21:12:55.0806 0x0cf4 Current date / time: 2014/10/18 21:12:55.0806 21:12:55.0806 0x0cf4 SystemInfo: 21:12:55.0806 0x0cf4 21:12:55.0806 0x0cf4 OS Version: 6.1.7601 ServicePack: 1.0 21:12:55.0806 0x0cf4 Product type: Workstation 21:12:55.0806 0x0cf4 ComputerName: SEBASTIAN-PC 21:12:55.0806 0x0cf4 UserName: Sebastian 21:12:55.0806 0x0cf4 Windows directory: C:\Windows 21:12:55.0806 0x0cf4 System windows directory: C:\Windows 21:12:55.0806 0x0cf4 Running under WOW64 21:12:55.0806 0x0cf4 Processor architecture: Intel x64 21:12:55.0806 0x0cf4 Number of processors: 4 21:12:55.0806 0x0cf4 Page size: 0x1000 21:12:55.0806 0x0cf4 Boot type: Normal boot 21:12:55.0806 0x0cf4 ============================================================ 21:12:55.0849 0x0cf4 KLMD registered as C:\Windows\system32\drivers\24156953.sys 21:12:55.0942 0x0cf4 System UUID: {FE78A10A-DE45-D547-1B13-58B4FF0E4953} 21:12:56.0270 0x0cf4 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:12:56.0270 0x0cf4 Drive \Device\Harddisk1\DR1 - Size: 0x3A3817D6000 ( 3726.02 Gb ), SectorSize: 0x200, Cylinders: 0x76C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:12:56.0276 0x0cf4 ============================================================ 21:12:56.0276 0x0cf4 \Device\Harddisk0\DR0: 21:12:56.0276 0x0cf4 MBR partitions: 21:12:56.0276 0x0cf4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 21:12:56.0276 0x0cf4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800 21:12:56.0276 0x0cf4 \Device\Harddisk1\DR1: 21:12:56.0276 0x0cf4 GPT partitions: 21:12:56.0277 0x0cf4 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: 
{E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E01FF506-7EB2-4E25-AA8E-B07FB398FC36}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000 21:12:56.0277 0x0cf4 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EAF328F9-814C-40C6-ABC3-6005FCE88F15}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0xD1BCB000 21:12:56.0277 0x0cf4 MBR partitions: 21:12:56.0277 0x0cf4 ============================================================ 21:12:56.0277 0x0cf4 C: <-> \Device\Harddisk0\DR0\Partition2 21:12:56.0278 0x0cf4 E: <-> \Device\Harddisk1\DR1\Partition2 21:12:56.0278 0x0cf4 ============================================================ 21:12:56.0278 0x0cf4 Initialize success 21:12:56.0278 0x0cf4 ============================================================ 21:13:02.0839 0x106c ============================================================ 21:13:02.0839 0x106c Scan started 21:13:02.0839 0x106c Mode: Manual; SigCheck; TDLFS; 21:13:02.0839 0x106c ============================================================ 21:13:02.0839 0x106c KSN ping started 21:13:05.0577 0x106c KSN ping finished: true 21:13:05.0785 0x106c ================ Scan system memory ======================== 21:13:05.0785 0x106c System memory - ok 21:13:05.0786 0x106c ================ Scan services ============================= 21:13:05.0820 0x106c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 21:13:05.0857 0x106c 1394ohci - ok 21:13:05.0869 0x106c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 21:13:05.0883 0x106c ACPI - ok 21:13:05.0887 0x106c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 21:13:05.0898 0x106c AcpiPmi - ok 21:13:05.0903 
0x106c [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 21:13:05.0911 0x106c AdobeARMservice - ok 21:13:05.0931 0x106c [ 4ECFCAAE5CB380F58934F0DCF5F64E7F, D82B37E57D93484D7A3CB65470BCD54A578A695F0203A8DD441B1348C1EEA751 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 21:13:05.0942 0x106c AdobeFlashPlayerUpdateSvc - ok 21:13:05.0954 0x106c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 21:13:05.0971 0x106c adp94xx - ok 21:13:05.0981 0x106c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 21:13:05.0994 0x106c adpahci - ok 21:13:06.0001 0x106c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 21:13:06.0012 0x106c adpu320 - ok 21:13:06.0019 0x106c [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 21:13:06.0043 0x106c AeLookupSvc - ok 21:13:06.0053 0x106c [ 2FAD0C11FFD2E47622B06E5D8BC0DBBE, B0508783F40A8964D490E4B15CD33534CCA5D4D9B9AE0481921D975902795C14 ] AEM Service5 C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe 21:13:06.0063 0x106c AEM Service5 - detected UnsignedFile.Multi.Generic ( 1 ) 21:13:08.0850 0x106c Detect skipped due to KSN trusted 21:13:08.0850 0x106c AEM Service5 - ok 21:13:08.0862 0x106c [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys 21:13:08.0880 0x106c AFD - ok 21:13:08.0885 0x106c [ 608C14DBA7299D8CB6ED035A68A15799, 
45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 21:13:08.0893 0x106c agp440 - ok 21:13:08.0898 0x106c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 21:13:08.0908 0x106c ALG - ok 21:13:08.0912 0x106c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 21:13:08.0919 0x106c aliide - ok 21:13:08.0927 0x106c [ 689760C1BDE6C663CAF996F6BFE093BD, 99EE58B532F69323169C58A2FA88F9A3857A96F2111D3F38C84F71826B4FDEBC ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 21:13:08.0942 0x106c AMD External Events Utility - ok 21:13:08.0946 0x106c AMD FUEL Service - ok 21:13:08.0952 0x106c [ 05120427227F6F088ECA75942ED7ACA9, BD25436EB43C6718F5E6A4C3C24831189D3A893DC87AA0ADED993B7C3126F2E9 ] amdhub30 C:\Windows\system32\DRIVERS\amdhub30.sys 21:13:08.0960 0x106c amdhub30 - ok 21:13:08.0964 0x106c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 21:13:08.0972 0x106c amdide - ok 21:13:08.0977 0x106c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 21:13:08.0986 0x106c AmdK8 - ok 21:13:09.0263 0x106c [ 7A0EEC010B9F5FB20198EF06505AC44F, 8B62E693F82F21342B4B81A9D87850CD63111EA2104A931DBBAF5F41740E859A ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 21:13:09.0560 0x106c amdkmdag - ok 21:13:09.0597 0x106c [ 3C355B3D0A3FB9FC3A298D0480D673EF, FC69982C900C7803793E57D5E9542DDB81A87DCA180BC992846EFD9376AF0D71 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 21:13:09.0619 0x106c amdkmdap - ok 21:13:09.0624 0x106c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM 
C:\Windows\system32\DRIVERS\amdppm.sys 21:13:09.0633 0x106c AmdPPM - ok 21:13:09.0639 0x106c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 21:13:09.0648 0x106c amdsata - ok 21:13:09.0656 0x106c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 21:13:09.0667 0x106c amdsbs - ok 21:13:09.0671 0x106c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 21:13:09.0679 0x106c amdxata - ok 21:13:09.0687 0x106c [ 7DCA2C59491D420947A0B529DB37C7CF, 4673DD141F02801A61FF057BE9DA7FD214C1F9ED31BCB035A8C4E44C579799E4 ] amdxhc C:\Windows\system32\DRIVERS\amdxhc.sys 21:13:09.0697 0x106c amdxhc - ok 21:13:09.0703 0x106c [ 172C69FE64D07BDF5CE24146274F8CB8, 0A36069BA7B1E2C8B00E8E611E5F2AEF3A7571FAEA252752577EF9DE11F343DA ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys 21:13:09.0712 0x106c amd_sata - ok 21:13:09.0716 0x106c [ A8FD2F5F3E70BE8FF66D2AFC6B6FB051, E5C9CDBEA96B008F2B73E5151B85867128479FBEEADF2500AB16E3B0692AC030 ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys 21:13:09.0723 0x106c amd_xata - ok 21:13:09.0729 0x106c [ 5A528A540B1AEE8B1C77ED65094E8CDF, 6E3DE68E630B81425056AB58E64721DD41F56491DD2D281CBB86AA7EF9CAD0E0 ] AODDriver4.2.0 C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys 21:13:09.0741 0x106c AODDriver4.2.0 - ok 21:13:09.0745 0x106c [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys 21:13:09.0753 0x106c AODDriver4.3 - ok 21:13:09.0758 0x106c [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID C:\Windows\system32\drivers\appid.sys 21:13:09.0767 0x106c AppID - ok 
21:13:09.0771 0x106c [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc C:\Windows\System32\appidsvc.dll 21:13:09.0781 0x106c AppIDSvc - ok 21:13:09.0786 0x106c [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 21:13:09.0796 0x106c Appinfo - ok 21:13:09.0803 0x106c [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll 21:13:09.0814 0x106c AppMgmt - ok 21:13:09.0822 0x106c [ A3C7FC7D3FD8B9FA5FD4B8AF903363D3, 2CCB9380839C4E4AD305F61F13CD5A6B2699C85C8338446AE1F88A0B9048FA04 ] APXACC C:\Windows\system32\DRIVERS\appexDrv.sys 21:13:09.0833 0x106c APXACC - ok 21:13:09.0838 0x106c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 21:13:09.0847 0x106c arc - ok 21:13:09.0852 0x106c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 21:13:09.0861 0x106c arcsas - ok 21:13:09.0873 0x106c [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 21:13:09.0883 0x106c aspnet_state - ok 21:13:09.0887 0x106c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 21:13:09.0910 0x106c AsyncMac - ok 21:13:09.0914 0x106c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 21:13:09.0921 0x106c atapi - ok 21:13:09.0928 0x106c [ 33497249626E7787AA5CEA99B226CCA6, EF6213B79F83334CD95E4A58A4FE64190AA3FEFF590E41C4BF302FC4A8F6D6D6 ] AtiHDAudioService 
C:\Windows\system32\drivers\AtihdW76.sys 21:13:09.0938 0x106c AtiHDAudioService - ok 21:13:09.0954 0x106c [ 2C1B6A64294F2182DC4999F923873974, 6D611636D849631BB1F852DC03A98BBFEC4D797A2707CA63427E187F0725A796 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 21:13:09.0974 0x106c AudioEndpointBuilder - ok 21:13:09.0989 0x106c [ 2C1B6A64294F2182DC4999F923873974, 6D611636D849631BB1F852DC03A98BBFEC4D797A2707CA63427E187F0725A796 ] AudioSrv C:\Windows\System32\Audiosrv.dll 21:13:10.0009 0x106c AudioSrv - ok 21:13:10.0017 0x106c [ 485B85B3FF68FB7454984CB92A0532D9, 287F6C6ADF3D96C8AC1BD1FFAD82563DA72A26CF0DECDEA7E987A020EBE06552 ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe 21:13:10.0026 0x106c Avira.OE.ServiceHost - ok 21:13:10.0030 0x106c avkmgr - ok 21:13:10.0037 0x106c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 21:13:10.0050 0x106c AxInstSV - ok 21:13:10.0062 0x106c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 21:13:10.0078 0x106c b06bdrv - ok 21:13:10.0087 0x106c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 21:13:10.0100 0x106c b57nd60a - ok 21:13:10.0108 0x106c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 21:13:10.0118 0x106c BDESVC - ok 21:13:10.0121 0x106c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 21:13:10.0144 0x106c Beep - ok 21:13:10.0161 0x106c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 21:13:10.0182 0x106c BFE - ok 
21:13:10.0201 0x106c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll 21:13:10.0239 0x106c BITS - ok 21:13:10.0244 0x106c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 21:13:10.0254 0x106c blbdrive - ok 21:13:10.0279 0x106c [ E7429ECD0C47CC065EEACF7E9D0E6341, 10D8231E14C908A0949108EB5F84E17BA10ABFC370D0C5F65945B23879AB12BF ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe 21:13:10.0306 0x106c Bluetooth Device Monitor - ok 21:13:10.0339 0x106c [ 0F432B34D80351EFC5E35F14D9798CFD, 591D913E069C1C69212A7742D7182E24E669FE7B50680D8D337F32CF9F72B163 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe 21:13:10.0369 0x106c Bluetooth Media Service - ok 21:13:10.0398 0x106c [ 96924B1D3060B0C0FFD77D01CB234D9F, 2A02EEC4092646A0BD26B8E8BA8B75F82EB6F46003C56C9A838E412006457DD2 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe 21:13:10.0424 0x106c Bluetooth OBEX Service - ok 21:13:10.0435 0x106c [ F832F1505AD8B83474BD9A5B1B985E01, 205D9F237DD50FDF84F57CC53476B5ADB218A03A8B68B017AFF7CBD0DCAC71C4 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe 21:13:10.0447 0x106c Bonjour Service - ok 21:13:10.0454 0x106c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 21:13:10.0463 0x106c bowser - ok 21:13:10.0467 0x106c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 21:13:10.0477 0x106c BrFiltLo - ok 21:13:10.0480 0x106c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 21:13:10.0491 0x106c BrFiltUp - ok 
21:13:10.0496 0x106c [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 21:13:10.0520 0x106c BridgeMP - ok 21:13:10.0527 0x106c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 21:13:10.0538 0x106c Browser - ok 21:13:10.0546 0x106c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 21:13:10.0560 0x106c Brserid - ok 21:13:10.0565 0x106c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 21:13:10.0575 0x106c BrSerWdm - ok 21:13:10.0579 0x106c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 21:13:10.0589 0x106c BrUsbMdm - ok 21:13:10.0594 0x106c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 21:13:10.0602 0x106c BrUsbSer - ok 21:13:10.0607 0x106c [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 21:13:10.0616 0x106c BthEnum - ok 21:13:10.0624 0x106c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 21:13:10.0636 0x106c BTHMODEM - ok 21:13:10.0641 0x106c [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 21:13:10.0653 0x106c BthPan - ok 21:13:10.0667 0x106c [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT 
C:\Windows\system32\Drivers\BTHport.sys 21:13:10.0684 0x106c BTHPORT - ok 21:13:10.0690 0x106c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 21:13:10.0715 0x106c bthserv - ok 21:13:10.0720 0x106c [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 21:13:10.0729 0x106c BTHUSB - ok 21:13:10.0735 0x106c [ BD64048EE0186D7988943327D677AC84, 436910AEDDBAED02A8E71BA0A96EBDE1906B20AA29F02BE2B20946898B4B0C27 ] btmaudio C:\Windows\system32\drivers\btmaud.sys 21:13:10.0743 0x106c btmaudio - ok 21:13:10.0749 0x106c [ 5B8D71504FA8BFA308F6E1169B89D322, 1DC0CF47C5F655EA0F0992020C17A86D05637F55ACBB17380283EBB883A4D14D ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys 21:13:10.0758 0x106c btmaux - ok 21:13:10.0790 0x106c [ D66F3A4F11E42142722DCF9DC5A451D6, 6576421E24ABB4F0A7B5EFB5CF6F9C6F510AFDD0087415D57A5ABBB0866B3E39 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys 21:13:10.0820 0x106c btmhsf - ok 21:13:10.0827 0x106c catchme - ok 21:13:10.0833 0x106c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 21:13:10.0857 0x106c cdfs - ok 21:13:10.0866 0x106c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys 21:13:10.0879 0x106c cdrom - ok 21:13:10.0884 0x106c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 21:13:10.0908 0x106c CertPropSvc - ok 21:13:10.0912 0x106c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 21:13:10.0923 0x106c circlass - ok 21:13:10.0933 0x106c [ FE1EC06F2253F691FE36217C592A0206, 
B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 21:13:10.0947 0x106c CLFS - ok 21:13:10.0995 0x106c [ EDAD3D6932E4CB7D92F19FEE0238C29D, 8AE3F923CDBBF08ABB401B53D7E743DBD91C64E28AB7A17D7BAB1EF585A8FE4F ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe 21:13:11.0046 0x106c ClickToRunSvc - ok 21:13:11.0055 0x106c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:13:11.0063 0x106c clr_optimization_v2.0.50727_32 - ok 21:13:11.0070 0x106c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 21:13:11.0078 0x106c clr_optimization_v2.0.50727_64 - ok 21:13:11.0088 0x106c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 21:13:11.0099 0x106c clr_optimization_v4.0.30319_32 - ok 21:13:11.0106 0x106c [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 21:13:11.0117 0x106c clr_optimization_v4.0.30319_64 - ok 21:13:11.0121 0x106c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 21:13:11.0130 0x106c CmBatt - ok 21:13:11.0134 0x106c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 21:13:11.0142 0x106c cmdide - ok 21:13:11.0154 0x106c [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG 
PerfHost - ok 21:13:30.0114 0x106c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 21:13:30.0162 0x106c pla - ok 21:13:30.0177 0x106c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 21:13:30.0193 0x106c PlugPlay - ok 21:13:30.0198 0x106c [ 17A0A09C8C1CA72BBFB3D9E3B0A5E018, C8BF101BAB6D5400F892EE92F2E788A7096192A417707C4FA91F54EE2C29D394 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 21:13:30.0203 0x106c Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 21:13:32.0989 0x106c Detect skipped due to KSN trusted 21:13:32.0989 0x106c Pml Driver HPZ12 - ok 21:13:32.0993 0x106c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 21:13:33.0003 0x106c PNRPAutoReg - ok 21:13:33.0012 0x106c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 21:13:33.0026 0x106c PNRPsvc - ok 21:13:33.0031 0x106c [ 8E0ACA1C5D6516E5E2E7A7AA5D44D704, 9CCE2FCBEDD21E1EA4A0476B4886DC6C6493CCBAB27AF23E83B0B0B646D8C520 ] Point64 C:\Windows\system32\DRIVERS\point64.sys 21:13:33.0040 0x106c Point64 - ok 21:13:33.0052 0x106c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 21:13:33.0083 0x106c PolicyAgent - ok 21:13:33.0092 0x106c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 21:13:33.0119 0x106c Power - ok 21:13:33.0124 0x106c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 21:13:33.0148 0x106c PptpMiniport - ok 21:13:33.0153 
0x106c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 21:13:33.0163 0x106c Processor - ok 21:13:33.0170 0x106c [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll 21:13:33.0183 0x106c ProfSvc - ok 21:13:33.0187 0x106c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe 21:13:33.0197 0x106c ProtectedStorage - ok 21:13:33.0202 0x106c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 21:13:33.0227 0x106c Psched - ok 21:13:33.0257 0x106c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 21:13:33.0292 0x106c ql2300 - ok 21:13:33.0300 0x106c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 21:13:33.0310 0x106c ql40xx - ok 21:13:33.0318 0x106c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 21:13:33.0335 0x106c QWAVE - ok 21:13:33.0340 0x106c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 21:13:33.0352 0x106c QWAVEdrv - ok 21:13:33.0355 0x106c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:13:33.0378 0x106c RasAcd - ok 21:13:33.0383 0x106c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 
21:13:33.0407 0x106c RasAgileVpn - ok 21:13:33.0413 0x106c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 21:13:33.0438 0x106c RasAuto - ok 21:13:33.0444 0x106c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 21:13:33.0468 0x106c Rasl2tp - ok 21:13:33.0479 0x106c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 21:13:33.0508 0x106c RasMan - ok 21:13:33.0514 0x106c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 21:13:33.0538 0x106c RasPppoe - ok 21:13:33.0543 0x106c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 21:13:33.0567 0x106c RasSstp - ok 21:13:33.0577 0x106c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 21:13:33.0604 0x106c rdbss - ok 21:13:33.0608 0x106c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 21:13:33.0619 0x106c rdpbus - ok 21:13:33.0622 0x106c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 21:13:33.0645 0x106c RDPCDD - ok 21:13:33.0654 0x106c [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 21:13:33.0665 0x106c RDPDR - ok 21:13:33.0669 0x106c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD 
C:\Windows\system32\drivers\rdpencdd.sys 21:13:33.0692 0x106c RDPENCDD - ok 21:13:33.0698 0x106c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 21:13:33.0721 0x106c RDPREFMP - ok 21:13:33.0727 0x106c [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 21:13:33.0736 0x106c RdpVideoMiniport - ok 21:13:33.0744 0x106c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 21:13:33.0756 0x106c RDPWD - ok 21:13:33.0763 0x106c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 21:13:33.0774 0x106c rdyboost - ok 21:13:33.0780 0x106c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 21:13:33.0805 0x106c RemoteAccess - ok 21:13:33.0813 0x106c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:13:33.0839 0x106c RemoteRegistry - ok 21:13:33.0846 0x106c [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 21:13:33.0858 0x106c RFCOMM - ok 21:13:33.0864 0x106c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 21:13:33.0889 0x106c RpcEptMapper - ok 21:13:33.0893 0x106c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 21:13:33.0902 0x106c RpcLocator - ok 21:13:33.0916 0x106c [ 
5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 21:13:33.0949 0x106c RpcSs - ok 21:13:33.0954 0x106c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:13:33.0979 0x106c rspndr - ok 21:13:33.0998 0x106c [ 7F4F11527AF5A7E4526CB6A146B3E40C, 705177014374AB2F12AF4558344C35C206C2820BD1A16770173EA10D094D182B ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 21:13:34.0016 0x106c RTL8167 - ok 21:13:34.0021 0x106c [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys 21:13:34.0029 0x106c s3cap - ok 21:13:34.0034 0x106c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe 21:13:34.0043 0x106c SamSs - ok 21:13:34.0049 0x106c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 21:13:34.0058 0x106c sbp2port - ok 21:13:34.0066 0x106c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:13:34.0092 0x106c SCardSvr - ok 21:13:34.0096 0x106c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 21:13:34.0119 0x106c scfilter - ok 21:13:34.0141 0x106c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 21:13:34.0202 0x106c Schedule - ok 21:13:34.0208 0x106c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 21:13:34.0231 0x106c SCPolicySvc - ok 
21:13:34.0238 0x106c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 21:13:34.0250 0x106c SDRSVC - ok 21:13:34.0254 0x106c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 21:13:34.0277 0x106c secdrv - ok 21:13:34.0280 0x106c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 21:13:34.0304 0x106c seclogon - ok 21:13:34.0310 0x106c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll 21:13:34.0335 0x106c SENS - ok 21:13:34.0338 0x106c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 21:13:34.0348 0x106c SensrSvc - ok 21:13:34.0352 0x106c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 21:13:34.0361 0x106c Serenum - ok 21:13:34.0370 0x106c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 21:13:34.0382 0x106c Serial - ok 21:13:34.0386 0x106c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 21:13:34.0395 0x106c sermouse - ok 21:13:34.0407 0x106c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 21:13:34.0431 0x106c SessionEnv - ok 21:13:34.0435 0x106c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 21:13:34.0446 
0x106c sffdisk - ok 21:13:34.0449 0x106c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 21:13:34.0459 0x106c sffp_mmc - ok 21:13:34.0463 0x106c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 21:13:34.0474 0x106c sffp_sd - ok 21:13:34.0477 0x106c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 21:13:34.0486 0x106c sfloppy - ok 21:13:34.0496 0x106c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 21:13:34.0526 0x106c SharedAccess - ok 21:13:34.0537 0x106c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 21:13:34.0566 0x106c ShellHWDetection - ok 21:13:34.0571 0x106c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 21:13:34.0579 0x106c SiSRaid2 - ok 21:13:34.0584 0x106c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 21:13:34.0593 0x106c SiSRaid4 - ok 21:13:34.0599 0x106c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 21:13:34.0623 0x106c Smb - ok 21:13:34.0631 0x106c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 21:13:34.0641 0x106c SNMPTRAP - ok 21:13:34.0645 0x106c [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 
] speedfan C:\Windows\syswow64\speedfan.sys 21:13:34.0655 0x106c speedfan - ok 21:13:34.0659 0x106c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 21:13:34.0666 0x106c spldr - ok 21:13:34.0681 0x106c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 21:13:34.0699 0x106c Spooler - ok 21:13:34.0766 0x106c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 21:13:34.0852 0x106c sppsvc - ok 21:13:34.0864 0x106c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 21:13:34.0890 0x106c sppuinotify - ok 21:13:34.0904 0x106c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 21:13:34.0920 0x106c srv - ok 21:13:34.0932 0x106c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:13:34.0947 0x106c srv2 - ok 21:13:34.0955 0x106c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:13:34.0967 0x106c srvnet - ok 21:13:34.0973 0x106c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:13:35.0001 0x106c SSDPSRV - ok 21:13:35.0006 0x106c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 21:13:35.0031 0x106c SstpSvc - ok 21:13:35.0035 0x106c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] 
stexstor C:\Windows\system32\drivers\stexstor.sys 21:13:35.0043 0x106c stexstor - ok 21:13:35.0058 0x106c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 21:13:35.0080 0x106c stisvc - ok 21:13:35.0086 0x106c [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys 21:13:35.0094 0x106c storflt - ok 21:13:35.0098 0x106c [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll 21:13:35.0107 0x106c StorSvc - ok 21:13:35.0112 0x106c [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys 21:13:35.0120 0x106c storvsc - ok 21:13:35.0124 0x106c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 21:13:35.0132 0x106c swenum - ok 21:13:35.0145 0x106c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 21:13:35.0178 0x106c swprv - ok 21:13:35.0214 0x106c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 21:13:35.0259 0x106c SysMain - ok 21:13:35.0267 0x106c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 21:13:35.0281 0x106c TabletInputService - ok 21:13:35.0291 0x106c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 21:13:35.0319 0x106c TapiSrv - ok 21:13:35.0324 0x106c [ 1BE03AC720F4D302EA01D40F588162F6, 
AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 21:13:35.0349 0x106c TBS - ok 21:13:35.0390 0x106c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 21:13:35.0431 0x106c Tcpip - ok 21:13:35.0475 0x106c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 21:13:35.0516 0x106c TCPIP6 - ok 21:13:35.0525 0x106c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 21:13:35.0534 0x106c tcpipreg - ok 21:13:35.0539 0x106c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 21:13:35.0548 0x106c TDPIPE - ok 21:13:35.0552 0x106c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 21:13:35.0560 0x106c TDTCP - ok 21:13:35.0566 0x106c [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 21:13:35.0590 0x106c tdx - ok 21:13:35.0677 0x106c [ 4ACFC5853A3F0C6C2F54E537C23EE90F, 47D81F471A250696A1A0D19294FC553EB88D813612A8351C89F65D7BF99C8532 ] TeamViewer9 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe 21:13:35.0769 0x106c TeamViewer9 - ok 21:13:35.0781 0x106c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 21:13:35.0789 0x106c TermDD - ok 21:13:35.0805 0x106c [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService C:\Windows\System32\termsrv.dll 21:13:35.0826 0x106c TermService - ok 
21:13:35.0831 0x106c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 21:13:35.0844 0x106c Themes - ok 21:13:35.0849 0x106c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 21:13:35.0874 0x106c THREADORDER - ok 21:13:35.0881 0x106c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 21:13:35.0907 0x106c TrkWks - ok 21:13:35.0914 0x106c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 21:13:35.0940 0x106c TrustedInstaller - ok 21:13:35.0946 0x106c [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 21:13:35.0956 0x106c tssecsrv - ok 21:13:35.0960 0x106c [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 21:13:35.0970 0x106c TsUsbFlt - ok 21:13:35.0975 0x106c [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 21:13:35.0985 0x106c TsUsbGD - ok 21:13:36.0031 0x106c [ CDAD7034AF9562835F29FB50A5F54832, CEBEAAF387A6B6A7CE20839E29988F47A7CD381BEDD8B127ECD5E0548BCC68FA ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe 21:13:36.0075 0x106c TuneUp.UtilitiesSvc - ok 21:13:36.0081 0x106c [ 45427C4B8CAC6B241478F149B935CD80, 7F772D6D00D1ADD394F5907804661C75780EE9F8DF21EF0719D3E4ABA00092B7 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys 21:13:36.0089 0x106c TuneUpUtilitiesDrv - ok 21:13:36.0095 0x106c [ 
3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 21:13:36.0120 0x106c tunnel - ok 21:13:36.0125 0x106c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 21:13:36.0133 0x106c uagp35 - ok 21:13:36.0143 0x106c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 21:13:36.0171 0x106c udfs - ok 21:13:36.0179 0x106c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 21:13:36.0189 0x106c UI0Detect - ok 21:13:36.0194 0x106c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 21:13:36.0202 0x106c uliagpkx - ok 21:13:36.0207 0x106c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 21:13:36.0216 0x106c umbus - ok 21:13:36.0220 0x106c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 21:13:36.0229 0x106c UmPass - ok 21:13:36.0236 0x106c [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll 21:13:36.0249 0x106c UmRdpService - ok 21:13:36.0259 0x106c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 21:13:36.0289 0x106c upnphost - ok 21:13:36.0296 0x106c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 21:13:36.0307 0x106c 
usbccgp - ok 21:13:36.0312 0x106c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 21:13:36.0322 0x106c usbcir - ok 21:13:36.0327 0x106c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 21:13:36.0336 0x106c usbehci - ok 21:13:36.0341 0x106c [ 5A4AC5D05A7C97C68596416C05D6F2B4, 1CDE5172B763D2D65379B9F3ABACC080AF676DB9354EC98A455E620C4CE3E18A ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys 21:13:36.0349 0x106c usbfilter - ok 21:13:36.0359 0x106c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 21:13:36.0374 0x106c usbhub - ok 21:13:36.0378 0x106c [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 21:13:36.0386 0x106c usbohci - ok 21:13:36.0392 0x106c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys 21:13:36.0403 0x106c usbprint - ok 21:13:36.0408 0x106c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:13:36.0418 0x106c USBSTOR - ok 21:13:36.0422 0x106c [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 21:13:36.0431 0x106c usbuhci - ok 21:13:36.0435 0x106c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 21:13:36.0460 0x106c UxSms - ok 21:13:36.0466 0x106c [ F136966EB7D751075AE020D85F718F59, 8DFF4F8584F1AC5A9D9E5D6D4986657916E9C51B1809A22D155FB7208039EC90 ] UxTuneUp 
C:\Windows\System32\uxtuneup.dll 21:13:36.0474 0x106c UxTuneUp - ok 21:13:36.0478 0x106c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe 21:13:36.0487 0x106c VaultSvc - ok 21:13:36.0491 0x106c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 21:13:36.0499 0x106c vdrvroot - ok 21:13:36.0512 0x106c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 21:13:36.0545 0x106c vds - ok 21:13:36.0550 0x106c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 21:13:36.0560 0x106c vga - ok 21:13:36.0565 0x106c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 21:13:36.0588 0x106c VgaSave - ok 21:13:36.0595 0x106c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 21:13:36.0606 0x106c vhdmp - ok 21:13:36.0611 0x106c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 21:13:36.0619 0x106c viaide - ok 21:13:36.0624 0x106c [ 549CD7035F5CF5CEE4DE11539C9715F4, 6FED4D5161420890A92C3B811B4CBD18A1A106D5F5E674166E538E65A1C68E04 ] VMAuthdService C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe 21:13:36.0632 0x106c VMAuthdService - ok 21:13:36.0639 0x106c [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys 21:13:36.0650 0x106c vmbus - ok 21:13:36.0654 0x106c [ 7DE90B48F210D29649380545DB45A187, 
09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 21:13:36.0662 0x106c VMBusHID - ok 21:13:36.0668 0x106c [ BE8E5E5D53ACF71D4E8E686B68C99B04, 4F30A360095FCB2627068FA6A65A951688058E8FDDF5CE895E2AE39500A413B1 ] vmci C:\Windows\system32\DRIVERS\vmci.sys 21:13:36.0676 0x106c vmci - ok 21:13:36.0681 0x106c [ CCB2A61113D093B9B5CCCF1D60D65E7A, 4459DD26ACF1B7675016B16BA02814E2A35FE862DEDA31AC7110CE2C2E3947AA ] vmkbd C:\Windows\system32\drivers\VMkbd.sys 21:13:36.0688 0x106c vmkbd - ok 21:13:36.0692 0x106c [ 18AA5F4A3B1204AD00045EE5AD39BCDB, 0211A8E94F169A2A52CD39CD580293907EBE104E52038DC36B988DE1CA7F2392 ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys 21:13:36.0700 0x106c VMnetAdapter - ok 21:13:36.0705 0x106c [ 04CD4347CD9E8C40F78AD51F7FF426D0, BCA3E593E118BCA30142B23CD1CBE6905442D31C3DEB4C71B06D721E601F7BD8 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys 21:13:36.0713 0x106c VMnetBridge - ok 21:13:36.0716 0x106c VMnetDHCP - ok 21:13:36.0721 0x106c [ 668C12E04D5AB4981864B12494AF907F, 20D94E5E060EB04558B39B33A81C989D7F9DB52C7378FECF9D430F1DC385E4E0 ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys 21:13:36.0728 0x106c VMnetuserif - ok 21:13:36.0733 0x106c [ F347A28F63162FF82BDDAADC14935BA4, 44C11B483CCA161E7097ED74C819464FE99C1E6AA9B1AB6A637BACDA6EF48519 ] vmusb C:\Windows\system32\DRIVERS\vmusb.sys 21:13:36.0741 0x106c vmusb - ok 21:13:36.0762 0x106c [ 093B967896BA9EF2ADFCD75E185B9DA9, 3D6F5FF56311D4B506D02F77620B80EDB54E6E560BDF53AC9F3CDBB037D0ACA0 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe 21:13:36.0785 0x106c VMUSBArbService - ok 21:13:36.0792 0x106c VMware NAT Service - ok 21:13:36.0798 0x106c [ EBAC38A198308359FD89C10704265E5E, 7C234FE34D6A65D754F8B2EA0458365997CF97B88779B01551E5227910943224 ] vmx86 C:\Windows\system32\drivers\vmx86.sys 21:13:36.0806 0x106c vmx86 - ok 21:13:36.0810 0x106c [ D2AAFD421940F640B407AEFAAEBD91B0, 
31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 21:13:36.0819 0x106c volmgr - ok 21:13:36.0828 0x106c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 21:13:36.0842 0x106c volmgrx - ok 21:13:36.0851 0x106c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 21:13:36.0865 0x106c volsnap - ok 21:13:36.0873 0x106c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 21:13:36.0883 0x106c vsmraid - ok 21:13:36.0889 0x106c [ CB4D2E3C5E8BFA3CF6AFFF6DDC6CC70D, 32A891045AF36FEAC62373894B98ABDCEA437978BDE027169C22EBC2C72D586E ] vsock C:\Windows\system32\drivers\vsock.sys 21:13:36.0897 0x106c vsock - ok 21:13:36.0930 0x106c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 21:13:36.0982 0x106c VSS - ok 21:13:36.0991 0x106c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 21:13:37.0001 0x106c vwifibus - ok 21:13:37.0005 0x106c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 21:13:37.0017 0x106c vwififlt - ok 21:13:37.0021 0x106c [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 21:13:37.0033 0x106c vwifimp - ok 21:13:37.0045 0x106c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 21:13:37.0075 0x106c W32Time - ok 21:13:37.0081 0x106c [ 
4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 21:13:37.0091 0x106c WacomPen - ok 21:13:37.0096 0x106c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 21:13:37.0119 0x106c WANARP - ok 21:13:37.0124 0x106c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 21:13:37.0147 0x106c Wanarpv6 - ok 21:13:37.0180 0x106c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 21:13:37.0216 0x106c wbengine - ok 21:13:37.0226 0x106c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 21:13:37.0242 0x106c WbioSrvc - ok 21:13:37.0253 0x106c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 21:13:37.0273 0x106c wcncsvc - ok 21:13:37.0277 0x106c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 21:13:37.0287 0x106c WcsPlugInService - ok 21:13:37.0291 0x106c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 21:13:37.0299 0x106c Wd - ok 21:13:37.0317 0x106c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 21:13:37.0340 0x106c Wdf01000 - ok 21:13:37.0346 0x106c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 
21:13:37.0360 0x106c WdiServiceHost - ok 21:13:37.0365 0x106c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 21:13:37.0379 0x106c WdiSystemHost - ok 21:13:37.0388 0x106c [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 21:13:37.0402 0x106c WebClient - ok 21:13:37.0410 0x106c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 21:13:37.0439 0x106c Wecsvc - ok 21:13:37.0444 0x106c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 21:13:37.0470 0x106c wercplsupport - ok 21:13:37.0475 0x106c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 21:13:37.0501 0x106c WerSvc - ok 21:13:37.0505 0x106c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 21:13:37.0528 0x106c WfpLwf - ok 21:13:37.0532 0x106c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 21:13:37.0540 0x106c WIMMount - ok 21:13:37.0543 0x106c WinDefend - ok 21:13:37.0551 0x106c WinHttpAutoProxySvc - ok 21:13:37.0563 0x106c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:13:37.0591 0x106c Winmgmt - ok 21:13:37.0630 0x106c [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 21:13:37.0690 0x106c WinRM - ok 21:13:37.0702 0x106c [ 
FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 21:13:37.0713 0x106c WinUsb - ok 21:13:37.0732 0x106c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 21:13:37.0760 0x106c Wlansvc - ok 21:13:37.0808 0x106c [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 21:13:37.0857 0x106c wlidsvc - ok 21:13:37.0866 0x106c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 21:13:37.0880 0x106c WmiAcpi - ok 21:13:37.0890 0x106c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:13:37.0903 0x106c wmiApSrv - ok 21:13:37.0906 0x106c WMPNetworkSvc - ok 21:13:37.0911 0x106c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:13:37.0921 0x106c WPCSvc - ok 21:13:37.0926 0x106c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:13:37.0939 0x106c WPDBusEnum - ok 21:13:37.0944 0x106c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:13:37.0967 0x106c ws2ifsl - ok 21:13:37.0972 0x106c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll 21:13:37.0986 0x106c wscsvc - ok 21:13:37.0990 0x106c WSearch - ok 21:13:38.0044 0x106c [ 61FF576450CCC80564B850BC3FB6713A, 
B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 21:13:38.0099 0x106c wuauserv - ok 21:13:38.0108 0x106c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 21:13:38.0118 0x106c WudfPf - ok 21:13:38.0126 0x106c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 21:13:38.0137 0x106c WUDFRd - ok 21:13:38.0144 0x106c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:13:38.0154 0x106c wudfsvc - ok 21:13:38.0163 0x106c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 21:13:38.0177 0x106c WwanSvc - ok 21:13:38.0193 0x106c ================ Scan global =============================== 21:13:38.0196 0x106c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 21:13:38.0203 0x106c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 21:13:38.0214 0x106c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 21:13:38.0221 0x106c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 21:13:38.0230 0x106c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 21:13:38.0236 0x106c [ Global ] - ok 21:13:38.0236 0x106c ================ Scan MBR ================================== 21:13:38.0239 0x106c [ A36C5E4F47E84449FF07ED3517B43A31 ] 
\Device\Harddisk0\DR0 21:13:38.0447 0x106c \Device\Harddisk0\DR0 - ok 21:13:38.0450 0x106c [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1 21:13:38.0464 0x106c \Device\Harddisk1\DR1 - ok 21:13:38.0464 0x106c ================ Scan VBR ================================== 21:13:38.0466 0x106c [ 13FA4CBBD8674AF552A512C8E4292E90 ] \Device\Harddisk0\DR0\Partition1 21:13:38.0467 0x106c \Device\Harddisk0\DR0\Partition1 - ok 21:13:38.0470 0x106c [ 3CB0BE21EBCC9C19A09A936DC6C4D18B ] \Device\Harddisk0\DR0\Partition2 21:13:38.0471 0x106c \Device\Harddisk0\DR0\Partition2 - ok 21:13:38.0474 0x106c [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1 21:13:38.0474 0x106c \Device\Harddisk1\DR1\Partition1 - ok 21:13:38.0478 0x106c [ 4AE35993D34EBC3C3218DD7D072B30DB ] \Device\Harddisk1\DR1\Partition2 21:13:38.0480 0x106c \Device\Harddisk1\DR1\Partition2 - ok 21:13:38.0480 0x106c ================ Scan generic autorun ====================== 21:13:38.0731 0x106c [ 66EB84DA5F31FDA757336444B8D1E3B2, FECAB747B321AD6ED2336C1FB2E756C39883275ED54A559CF7B6989DEA4DD7EB ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 21:13:38.0973 0x106c RTHDVCPL - ok 21:13:38.0994 0x106c [ 4420BBAC770EB87AB74E4B9146E18924, 6DB78DB9FD72F1E8C7651D2B3FF090CB4A8C90BA0D11F69D533960CE67170CFC ] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe 21:13:39.0003 0x106c BLEServicesCtrl - ok 21:13:39.0005 0x106c BTMTrayAgent - ok 21:13:39.0031 0x106c [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] C:\Program Files\Microsoft Security Client\msseces.exe 21:13:39.0064 0x106c MSC - ok 21:13:39.0070 0x106c [ 053C93D5967E08748DBA0E132EAEC0B3, B48A00B00DFDFCF6911911B34788CD359BF90AB66F4A2A3FE177B75EB775C2C2 ] C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe 21:13:39.0074 0x106c NUSB3MON - detected UnsignedFile.Multi.Generic ( 1 ) 21:13:41.0885 0x106c Detect skipped due to KSN trusted 21:13:41.0885 0x106c NUSB3MON 
- ok 21:13:41.0894 0x106c [ 9C99AF6C0C4892A83066FFA04265F95C, 18E94B8322960C56A7D0BEDF77D026F0318904ECC230B6121E97E6993B999B4F ] C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe 21:13:41.0906 0x106c StatusAlerts - ok 21:13:41.0917 0x106c [ 1606A7B4DA56B3BA369FC612F45A3362, A50B1FADEA3DB60E8D5F18390FD34D8F95D3F0C2C4F78F3791177FCD9CFB21F0 ] C:\Program Files (x86)\FreePDF_XP\fpassist.exe 21:13:41.0927 0x106c FreePDF Assistant - detected UnsignedFile.Multi.Generic ( 1 ) 21:13:44.0634 0x106c Detect skipped due to KSN trusted 21:13:44.0634 0x106c FreePDF Assistant - ok 21:13:44.0645 0x106c [ 6EF8ECD06B52726A16CB8CE20338B5D9, 44CA0958E024F5A0AD4AF999AB24221F302D3BB37AC58D406E32C87FC6192CF9 ] C:\Program Files (x86)\PDF24\pdf24.exe 21:13:44.0658 0x106c PDFPrint - ok 21:13:44.0675 0x106c [ 93E5D5B31267DB04C61A15D846BB3787, A73D7DA17C8B58E43E2C81B301D0BBD7973CA2EA85BCF513B8947628E05CA4D4 ] C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe 21:13:44.0691 0x106c ScreenSplitter - detected UnsignedFile.Multi.Generic ( 1 ) 21:13:47.0499 0x106c Detect skipped due to KSN trusted 21:13:47.0499 0x106c ScreenSplitter - ok 21:13:47.0514 0x106c [ D5D021AEFA851CD0E8948EA4974EF88C, 596C02AFAB31F44A52E8F3BEEC869557C5DB3CDFB2A559721F25614EFE768D53 ] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe 21:13:47.0532 0x106c GarminExpressTrayApp - ok 21:13:47.0544 0x106c [ 549A6319EAF040D8B8ECFF8ADF9F36D0, CE020A2C761C7D71BAE183AAF3A251909A06C31E518872A9682A8994F4D475B2 ] C:\Program Files\AMD Quick Stream\AMDQuickStream.exe 21:13:47.0559 0x106c AppEx Accelerator UI - ok 21:13:47.0593 0x106c [ B91D5F7C0119DC4EE67684F52631D3E4, 4BFD7A433AB65F77426D21A8F3B38AE0BAF5DDDD952FF2EF3E0E64E8F5D0B30D ] C:\Program Files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe 21:13:47.0629 0x106c AEM - ok 21:13:47.0648 0x106c [ B53D59915A356B06C1D7DE5B22B4177C, 98E7DF7D9695E0CB18B2C1B39473E147C6C943828950CB9EBAD71C82241FDBD7 ] C:\Program Files 
(x86)\Google\Chrome\Application\chrome.exe 21:13:47.0669 0x106c GoogleChromeAutoLaunch_678E52C622D3FEC81C940F43ECEEEB26 - ok 21:13:47.0718 0x106c [ D6B3AF9E3CE610B69AB1D38262DAE833, CBE366A5459A651537466B9F5017AB87FA8AD5B28F4FADE3FA66B4D97950B5D7 ] C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe 21:13:47.0771 0x106c Plex Media Server - ok 21:13:47.0775 0x106c Waiting for KSN requests completion. In queue: 7 21:13:48.0775 0x106c Waiting for KSN requests completion. In queue: 7 21:13:49.0775 0x106c Waiting for KSN requests completion. In queue: 7 21:13:50.0782 0x106c AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated ) 21:13:50.0785 0x106c Win FW state via NFP2: enabled 21:13:53.0490 0x106c ============================================================ 21:13:53.0490 0x106c Scan finished 21:13:53.0490 0x106c ============================================================ 21:13:53.0499 0x11fc Detected object count: 0 21:13:53.0499 0x11fc Actual detected object count: 0 |
18.10.2014, 23:17 | #13 |
| Unknown upload
Code:
MABR: Nothing found.
Code:
ATTFilter ComboFix 14-10-15.01 - Sebastian 18.10.2014 21:59:03.3.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.7368.5164 [GMT 2:00] ausgeführt von:: c:\users\Sebastian\Downloads\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1} SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((( Dateien erstellt von 2014-09-18 bis 2014-10-18 )))))))))))))))))))))))))))))) . . 2014-10-18 20:02 . 2014-10-18 20:02 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-10-18 09:21 . 2014-10-18 19:57 -------- d-----w- c:\programdata\boost_interprocess 2014-10-18 09:21 . 2014-10-18 09:21 -------- d-----w- c:\users\Sebastian\AppData\Local\Plex Media Server 2014-10-18 09:21 . 2014-10-18 09:21 -------- d-----w- c:\users\Sebastian\AppData\Roaming\Apple Computer 2014-10-18 09:21 . 2014-10-18 09:21 -------- d-----w- c:\users\Sebastian\AppData\Local\Apple Computer 2014-10-18 09:19 . 2014-10-18 09:19 -------- d-----w- c:\program files (x86)\Plex 2014-10-18 09:16 . 2014-10-18 09:16 -------- d-----w- c:\programdata\Apple 2014-10-18 09:16 . 2014-10-18 09:16 -------- d-----w- c:\program files\Bonjour 2014-10-18 09:16 . 2014-10-18 09:16 -------- d-----w- c:\program files (x86)\Bonjour 2014-10-18 08:31 . 2014-09-09 02:05 11578928 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B7DEE43F-2742-449B-BFB9-3A1C9FD5D287}\mpengine.dll 2014-10-16 21:32 . 2014-10-16 21:32 -------- d-----w- c:\program files (x86)\Common Files\Skype 2014-10-16 21:32 . 2014-10-16 21:32 -------- d-----r- c:\program files (x86)\Skype 2014-10-16 18:06 . 2014-09-09 02:05 11578928 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2014-10-16 17:55 . 2014-10-16 17:55 -------- d-----w- c:\program files (x86)\ESET 2014-10-15 15:14 . 
2014-09-18 02:00 3241472 ----a-w- c:\windows\system32\msi.dll 2014-10-14 07:42 . 2014-05-08 09:32 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll 2014-10-13 18:27 . 2012-09-28 00:11 559616 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpcpp140.DLL 2014-10-13 18:27 . 2012-09-28 00:11 407552 ----a-w- c:\windows\system32\hpcpn140.dll 2014-10-13 18:27 . 2012-09-28 00:05 408576 ----a-w- c:\windows\SysWow64\hpcc3140.DLL 2014-10-13 18:26 . 2012-08-30 17:52 512512 ----a-w- c:\windows\SysWow64\hpcdmc32.DLL 2014-10-13 12:08 . 2014-10-13 12:08 -------- d-----w- c:\programdata\CloudBerry Explorer for Amazon S3 2014-10-13 12:02 . 2014-10-13 12:02 -------- d-----w- c:\windows\ERUNT 2014-10-13 11:56 . 2014-10-13 11:58 -------- d-----w- C:\AdwCleaner 2014-10-02 11:02 . 2014-10-18 19:28 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2014-10-02 09:36 . 2014-10-18 19:07 -------- d-----w- C:\FRST 2014-10-01 15:05 . 2014-09-17 20:44 1188440 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{537E62AD-1FB1-4164-8ABC-E46BFAAA6426}\gapaengine.dll 2014-09-30 17:25 . 2014-09-25 02:08 371712 ----a-w- c:\windows\system32\qdvd.dll 2014-09-30 17:25 . 2014-09-25 01:40 519680 ----a-w- c:\windows\SysWow64\qdvd.dll 2014-09-28 11:58 . 2014-09-28 11:59 -------- d-----w- c:\users\Sebastian\AppData\Roaming\TrafficMonitor 2014-09-28 11:58 . 2014-09-28 11:58 -------- d-----w- c:\programdata\TrafficMonitor 2014-09-24 06:44 . 2014-09-09 22:11 2048 ----a-w- c:\windows\system32\tzres.dll 2014-09-24 06:44 . 2014-09-09 21:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2014-09-22 16:47 . 2014-09-22 16:47 -------- d-----w- c:\programdata\Licenses 2014-09-22 16:44 . 2014-09-22 16:44 -------- d-----w- c:\programdata\Simply Super Software 2014-09-22 13:04 . 2014-10-18 19:21 128728 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2014-09-22 13:03 . 2014-10-18 19:19 92888 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2014-09-22 13:03 . 
2014-10-08 18:30 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware 2014-09-22 13:03 . 2014-09-22 13:03 -------- d-----w- c:\programdata\Malwarebytes 2014-09-22 13:03 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys 2014-09-22 13:03 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-10-18 19:56 . 2014-07-20 14:22 65536 ----a-w- c:\windows\system32\spu_storage.bin 2014-10-16 01:00 . 2014-02-07 00:14 103265616 ----a-w- c:\windows\system32\MRT.exe 2014-10-06 16:03 . 2014-02-07 00:23 25640 ----a-w- c:\windows\gdrv.sys 2014-10-06 15:26 . 2014-02-12 19:34 30528 ----a-w- c:\windows\GVTDrv64.sys 2014-10-06 15:26 . 2014-02-12 19:34 25640 ----a-w- c:\windows\etdrv.sys 2014-09-25 17:04 . 2014-06-13 18:04 590536 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe 2014-09-24 14:42 . 2014-04-29 15:58 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-09-24 14:42 . 2014-04-29 15:58 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-09-22 06:42 . 2010-11-21 03:27 278152 ------w- c:\windows\system32\MpSigStub.exe 2014-09-17 20:44 . 2014-02-27 19:21 1188440 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2014-08-23 02:07 . 2014-08-28 07:24 404480 ----a-w- c:\windows\system32\gdi32.dll 2014-08-23 01:45 . 2014-08-28 07:24 311808 ----a-w- c:\windows\SysWow64\gdi32.dll 2014-08-12 16:49 . 2014-08-12 16:49 127872 ----a-w- c:\windows\system32\amdhcp64.dll 2014-08-12 16:49 . 2014-08-12 16:49 117560 ----a-w- c:\windows\SysWow64\amdhcp32.dll 2014-08-12 16:49 . 2014-08-12 16:49 78432 ----a-w- c:\windows\system32\atimpc64.dll 2014-08-12 16:49 . 2014-08-12 16:49 78432 ----a-w- c:\windows\system32\amdpcom64.dll 2014-08-12 16:49 . 
2014-08-12 16:49 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll 2014-08-12 16:49 . 2014-08-12 16:49 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll 2014-08-12 16:49 . 2014-08-12 16:49 143304 ----a-w- c:\windows\system32\atiuxp64.dll 2014-08-12 16:49 . 2013-12-06 22:03 126336 ----a-w- c:\windows\SysWow64\atiuxpag.dll 2014-08-12 16:48 . 2014-04-18 02:42 99520 ----a-w- c:\windows\SysWow64\atiu9pag.dll 2014-08-12 16:48 . 2014-02-07 16:31 117584 ----a-w- c:\windows\system32\atiu9p64.dll 2014-08-12 16:48 . 2014-02-07 16:31 1331424 ----a-w- c:\windows\system32\aticfx64.dll 2014-08-12 16:48 . 2014-02-07 16:31 1110992 ----a-w- c:\windows\SysWow64\aticfx32.dll 2014-08-12 16:47 . 2014-08-12 16:47 10527312 ----a-w- c:\windows\system32\atidxx64.dll 2014-08-12 16:47 . 2013-12-06 21:59 9023464 ----a-w- c:\windows\SysWow64\atidxx32.dll 2014-08-12 16:47 . 2014-04-18 02:42 7102496 ----a-w- c:\windows\SysWow64\atiumdva.dll 2014-08-12 16:47 . 2014-04-18 02:42 6879016 ----a-w- c:\windows\SysWow64\atiumdag.dll 2014-08-12 16:47 . 2014-02-07 16:31 7892000 ----a-w- c:\windows\system32\atiumd6a.dll 2014-08-12 16:47 . 2014-02-07 16:31 8108312 ----a-w- c:\windows\system32\atiumd64.dll 2014-08-12 15:56 . 2014-08-12 15:56 276192 ----a-w- c:\windows\system32\drivers\amdacpksd.sys 2014-08-12 15:20 . 2014-08-12 15:20 15965184 ----a-w- c:\windows\system32\drivers\atikmdag.sys 2014-08-12 15:07 . 2014-08-12 15:07 231424 ----a-w- c:\windows\system32\clinfo.exe 2014-08-12 15:06 . 2014-08-12 15:06 98816 ----a-w- c:\windows\system32\OpenVideo64.dll 2014-08-12 15:06 . 2014-08-12 15:06 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll 2014-08-12 15:06 . 2014-08-12 15:06 86528 ----a-w- c:\windows\system32\OVDecode64.dll 2014-08-12 15:06 . 2014-08-12 15:06 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll 2014-08-12 15:06 . 2014-08-12 15:06 32876544 ----a-w- c:\windows\system32\amdocl64.dll 2014-08-12 15:03 . 2014-08-12 15:03 27843072 ----a-w- c:\windows\SysWow64\amdocl.dll 2014-08-12 15:00 . 
2014-08-12 15:00 65024 ----a-w- c:\windows\system32\OpenCL.dll 2014-08-12 15:00 . 2014-08-12 15:00 58880 ----a-w- c:\windows\SysWow64\OpenCL.dll 2014-08-12 14:49 . 2014-08-12 14:49 127488 ----a-w- c:\windows\system32\mantle64.dll 2014-08-12 14:49 . 2014-08-12 14:49 113664 ----a-w- c:\windows\SysWow64\mantle32.dll 2014-08-12 14:48 . 2014-08-12 14:48 5225472 ----a-w- c:\windows\system32\amdmantle64.dll 2014-08-12 14:41 . 2014-08-12 14:41 27528704 ----a-w- c:\windows\system32\atio6axx.dll 2014-08-12 14:32 . 2014-08-12 14:32 4180992 ----a-w- c:\windows\SysWow64\amdmantle32.dll 2014-08-12 14:21 . 2014-08-12 14:21 23027712 ----a-w- c:\windows\SysWow64\atioglxx.dll 2014-08-12 14:16 . 2014-08-12 14:16 91648 ----a-w- c:\windows\system32\mantleaxl64.dll 2014-08-12 14:16 . 2014-08-12 14:16 366592 ----a-w- c:\windows\system32\atiapfxx.exe 2014-08-12 14:16 . 2014-08-12 14:16 85504 ----a-w- c:\windows\SysWow64\mantleaxl32.dll 2014-08-12 14:16 . 2014-08-12 14:16 62464 ----a-w- c:\windows\system32\aticalrt64.dll 2014-08-12 14:16 . 2014-08-12 14:16 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll 2014-08-12 14:16 . 2014-08-12 14:16 55808 ----a-w- c:\windows\system32\aticalcl64.dll 2014-08-12 14:16 . 2014-08-12 14:16 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll 2014-08-12 14:16 . 2014-08-12 14:16 15716352 ----a-w- c:\windows\system32\aticaldd64.dll 2014-08-12 14:13 . 2014-08-12 14:13 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll 2014-08-12 14:00 . 2014-08-12 14:00 48128 ----a-w- c:\windows\system32\amdmmcl6.dll 2014-08-12 14:00 . 2014-08-12 14:00 442368 ----a-w- c:\windows\system32\atidemgy.dll 2014-08-12 14:00 . 2014-08-12 14:00 37888 ----a-w- c:\windows\SysWow64\amdmmcl.dll 2014-08-12 13:59 . 2014-08-12 13:59 31232 ----a-w- c:\windows\system32\atimuixx.dll 2014-08-12 13:59 . 2014-08-12 13:59 588800 ----a-w- c:\windows\system32\atieclxx.exe 2014-08-12 13:59 . 2014-08-12 13:59 239616 ----a-w- c:\windows\system32\atiesrxx.exe 2014-08-12 13:58 . 
2014-08-12 13:58 190976 ----a-w- c:\windows\system32\atitmm64.dll 2014-08-12 13:43 . 2014-08-12 13:43 826368 ----a-w- c:\windows\system32\coinst_14.20.dll 2014-08-12 13:35 . 2014-08-12 13:35 95744 ----a-w- c:\windows\system32\amdave64.dll 2014-08-12 13:35 . 2014-08-12 13:35 90112 ----a-w- c:\windows\SysWow64\amdave32.dll 2014-08-12 13:34 . 2014-08-12 13:34 89088 ----a-w- c:\windows\system32\atisamu64.dll 2014-08-12 13:34 . 2014-08-12 13:34 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll 2014-08-12 13:34 . 2014-08-12 13:34 1207296 ----a-w- c:\windows\system32\atiadlxx.dll 2014-08-12 13:34 . 2013-12-06 20:22 898560 ----a-w- c:\windows\SysWow64\atiadlxy.dll 2014-08-12 13:34 . 2014-08-12 13:34 75264 ----a-w- c:\windows\system32\atig6pxx.dll 2014-08-12 13:34 . 2014-08-12 13:34 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll 2014-08-12 13:34 . 2014-08-12 13:34 69632 ----a-w- c:\windows\system32\atiglpxx.dll 2014-08-12 13:34 . 2014-08-12 13:34 146944 ----a-w- c:\windows\system32\atig6txx.dll 2014-08-12 13:33 . 2014-08-12 13:33 133632 ----a-w- c:\windows\SysWow64\atigktxx.dll 2014-08-12 13:33 . 2014-08-12 13:33 557568 ----a-w- c:\windows\system32\drivers\atikmpag.sys 2014-08-12 13:28 . 2014-08-12 13:28 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll 2014-08-12 09:17 . 2014-08-12 09:17 51200 ----a-w- c:\windows\system32\kdbsdk64.dll 2014-08-12 09:12 . 2014-08-12 09:12 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll 2014-08-01 11:53 . 2014-09-09 19:42 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll 2014-08-01 11:35 . 2014-09-09 19:42 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll 2014-07-30 20:45 . 2014-07-30 20:45 262096 ----a-w- c:\windows\system32\gcp_portmon64.dll 2014-07-25 10:55 . 2014-05-15 10:50 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll 2014-07-24 21:47 . 2014-07-24 21:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll . . 
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2014-07-03 19:38 223432 ----a-w- c:\users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2014-07-03 19:38 223432 ----a-w- c:\users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2014-07-03 19:38 223432 ----a-w- c:\users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ScreenSplitter"="c:\program files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe" [2013-07-24 695296] "GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2014-08-07 688984] "AppEx Accelerator UI"="c:\program files\AMD Quick Stream\AMDQuickStream.exe" [2014-03-31 482528] "AEM"="c:\program files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe" [2014-07-16 1721128] "GoogleChromeAutoLaunch_678E52C622D3FEC81C940F43ECEEEB26"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-10-10 854344] "Plex Media Server"="c:\program files (x86)\Plex\Plex Media Server\Plex Media Server.exe" [2011-11-26 2699344] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StatusAlerts"="c:\program files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" [2012-07-18 313248] "FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2014-01-09 374784] "PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2014-06-04 191528] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-08-12 767200] "Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-09-23 165168] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2014-08-07 688984] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "HP Software Update"=c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [x] R3 cpuz136;cpuz136;c:\users\SEBAST~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys;c:\users\SEBAST~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x] R3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;c:\windows\system32\DRIVERS\evolve.sys;c:\windows\SYSNATIVE\DRIVERS\evolve.sys [x] R3 getbus;getbus;c:\users\SEBAST~1\AppData\Local\Temp\getbus.sys;c:\users\SEBAST~1\AppData\Local\Temp\getbus.sys [x] R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x] R3 HP DS Service;HP DS Service;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe [x] R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x] R3 PDF Architect 2;PDF Architect 2;c:\program files (x86)\PDF Architect 
2\ws.exe;c:\program files (x86)\PDF Architect 2\ws.exe [x] R3 pdfforge CrashHandler;pdfforge CrashHandler;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x] S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x] S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x] S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys;c:\windows\SYSNATIVE\drivers\vsock.sys [x] S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x] S2 AEM Service5;AEM Service5;c:\program files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe ;c:\program files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x] S2 AODDriver4.2.0;AODDriver4.2.0;c:\program files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys;c:\program files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys [x] S2 AODDriver4.3;AODDriver4.3;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x] S2 APXACC;AppEx 
Networks Accelerator LWF;c:\windows\system32\DRIVERS\appexDrv.sys;c:\windows\SYSNATIVE\DRIVERS\appexDrv.sys [x] S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x] S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x] S2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x] S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x] S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x] S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x] S2 PDF Architect 2 Creator;PDF Architect 2 Creator;c:\program files (x86)\PDF Architect 2\creator-ws.exe;c:\program files (x86)\PDF Architect 2\creator-ws.exe [x] S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x] S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x] S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys;c:\windows\SYSNATIVE\DRIVERS\amdhub30.sys [x] S3 
amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys;c:\windows\SYSNATIVE\DRIVERS\amdxhc.sys [x] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x] S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x] S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x] S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x] S3 ibtusb;Intel(R) Wireless Bluetooth(R) 4.0 + HS-Adapter;c:\windows\system32\DRIVERS\ibtusb.sys;c:\windows\SYSNATIVE\DRIVERS\ibtusb.sys [x] S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2014-10-15 15:16 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.104\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2014-10-18 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29 14:42] . 
2014-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-07 05:42] . 2014-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-07 05:42] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2014-07-03 19:38 262344 ----a-w- c:\users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2014-07-03 19:38 262344 ----a-w- c:\users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2014-07-03 19:38 262344 ----a-w- c:\users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2014-09-25 17:05 2334416 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2014-09-25 17:05 2334416 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2014-09-25 17:05 2334416 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-09-03 13651672] "BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-09-17 184112] "BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2013-05-21 7830328] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288] "NUSB3MON"="c:\program files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe" [2012-04-11 97280] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = about:blank mDefault_Search_URL = www.google.com mDefault_Page_URL = about:blank mStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm mSearch Page = www.google.com uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 TCP: DhcpNameServer = 192.168.0.1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
Wow6432Node-HKLM-Run-<NO NAME> - (no file) . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-3995683688-22251476-601076843-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-3995683688-22251476-601076843-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2014-10-18 22:04:12 ComboFix-quarantined-files.txt 2014-10-18 20:04 ComboFix2.txt 2014-10-06 16:04 . Vor Suchlauf: 19 Verzeichnis(se), 34.762.141.696 Bytes frei Nach Suchlauf: 20 Verzeichnis(se), 34.440.712.192 Bytes frei . - - End Of File - - 10C6CF4CAA74B24BA52FAD6C6C00DC08 A36C5E4F47E84449FF07ED3517B43A31 Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 18.10.2014
Scan Time: 22:08:55
Logfile: MBAM.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.10.18.06
Rootkit Database: v2014.10.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Sebastian

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 329980
Time Elapsed: 5 min, 7 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

Code:
# AdwCleaner v4.000 - Bericht erstellt am 18/10/2014 um 22:30:46
# Aktualisiert 12/10/2014 von Xplode
# Datenbank : 2014-10-17.9
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Sebastian - SEBASTIAN-PC
# Gestartet von : C:\Users\Sebastian\Downloads\AdwCleaner_4.000.exe
# Option : Suchen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

***** [ Tasks ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17344

-\\ Google Chrome v38.0.2125.104

*************************

AdwCleaner[R0].txt - [1081 octets] - [13/10/2014 13:57:02]
AdwCleaner[R1].txt - [903 octets] - [18/10/2014 22:24:31]
AdwCleaner[R2].txt - [764 octets] - [18/10/2014 22:30:46]
AdwCleaner[S0].txt - [1339 octets] - [13/10/2014 13:58:41]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [883 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.14.2014:1)
OS: Windows 7 Professional x64
Ran by Sebastian on 18.10.2014 at 22:33:32,26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\CloudBerry Explorer for Amazon S3

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.10.2014 at 22:35:37,27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=db73c508ef80b64ba32d7060bb7ab9c6
# engine=20667
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-10-18 10:01:23
# local_time=2014-10-19 12:01:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 2523507 36650077 0 0
# scanned=178210
# found=0
# cleaned=0
# scan_time=2256

Code:
Results of screen317's Security Check version 0.99.87
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Microsoft Security Essentials (On Access scanning disabled!)
Error obtaining update status for antivirus!
`````````Anti-malware/Other Utilities Check:`````````
TuneUp Utilities 2014
TuneUp Utilities 2014 (de-DE)
TuneUp Utilities 2014
Java 7 Update 67
Adobe Flash Player 15.0.0.152
Adobe Reader XI
Google Chrome 37.0.2062.124
Google Chrome 38.0.2125.104
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-10-2014 01 Ran by Sebastian (administrator) on SEBASTIAN-PC on 19-10-2014 00:06:17 Running from C:\Users\Sebastian\Downloads Loaded Profile: Sebastian (Available profiles: Sebastian) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Namtuk.com) C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe (LG Electronics) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe (AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe (Namtuk.com) C:\Program Files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (TODO: <Company name>) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64App.exe (Plex, Inc.) 
C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe (shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE () C:\Program Files (x86)\LG Electronics\Screen Split\bin\DDCCI.exe (VMware, Inc.) 
C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe () C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Farbar) C:\Users\Sebastian\Downloads\FRST64 (1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor) HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation) HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company) HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [374784 2014-01-09] (shbox.de) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-06-04] (Geek Software GmbH) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-08-12] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. 
KG) HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [ScreenSplitter] => C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe [695296 2013-07-24] (LG Electronics) HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries) HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation) HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [AEM] => C:\Program Files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe [1721128 2014-07-16] (Namtuk.com) HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [GoogleChromeAutoLaunch_678E52C622D3FEC81C940F43ECEEEB26] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-10] (Google Inc.) HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [2699344 2011-11-26] (Plex, Inc.) HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCC7BE164C723CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - 
C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH) Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.google.com/", "", "hxxp://www.google.com", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1403882782&from=kmp&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF133361R" CHR DefaultSearchKeyword: Default -> google.de__ CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-06-29] CHR Extension: (Google Drive) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-29] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07] CHR Extension: (YouTube) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-29] CHR Extension: (Google-Suche) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-29] CHR Extension: (AdBlock) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-29] CHR Extension: (Auto HD For YouTube™) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2014-06-29] CHR Extension: (Google Wallet) - 
C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-07] CHR Extension: (Checker Plus for Gmail™) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2014-06-29] CHR Extension: (Google Mail) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-29] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AEM Service5; C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe [334848 2014-07-16] (Namtuk.com) [File not signed] R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-08-12] (Advanced Micro Devices, Inc.) [File not signed] R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. 
KG) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation) S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries) S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed] R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [File not signed] S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-07-31] (Hewlett-Packard) [File not signed] S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation) S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH) R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738344 2014-04-30] (pdfforge GmbH) S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-07-31] (Hewlett-Packard) [File not signed] R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. 
The file will not be moved unless listed separately.) R2 AODDriver4.2.0; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices) R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [225504 2014-03-28] (AppEx Networks Corporation) R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [88376 2013-03-18] (Motorola Solutions, Inc.) R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.) R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1385272 2013-08-08] (Motorola Solutions, Inc.) S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-04-29] (Echobit, LLC) S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-10-06] () R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-02-12] (REALiX(tm)) R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [114632 2013-08-28] (Intel Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation) R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw02.sys [3599840 2013-10-14] (Intel Corporation) S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation) S1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software) R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 cpuz136; \??\C:\Users\SEBAST~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X] S3 getbus; \??\C:\Users\SEBAST~1\AppData\Local\Temp\getbus.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. 
Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-18 23:18 - 2014-10-18 23:18 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-10-18 22:35 - 2014-10-18 22:35 - 00000712 _____ () C:\Users\Sebastian\Desktop\JRT.txt 2014-10-18 22:33 - 2014-10-14 13:43 - 01705698 _____ (Thisisu) C:\Users\Sebastian\Desktop\JRT_NEW.exe 2014-10-18 22:23 - 2014-10-18 22:23 - 01976320 _____ () C:\Users\Sebastian\Downloads\AdwCleaner_4.000 (1).exe 2014-10-18 22:04 - 2014-10-18 22:04 - 00028192 _____ () C:\ComboFix.txt 2014-10-18 21:15 - 2014-10-18 21:17 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Sebastian\Downloads\mbar-1.07.0.1012 (1).exe 2014-10-18 21:10 - 2014-10-18 21:10 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Sebastian\Downloads\tdsskiller (1).exe 2014-10-18 21:09 - 2014-10-18 21:10 - 02112000 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64 (1).exe 2014-10-18 11:21 - 2014-10-18 23:17 - 00000000 ____D () C:\ProgramData\boost_interprocess 2014-10-18 11:21 - 2014-10-18 11:21 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Apple Computer 2014-10-18 11:21 - 2014-10-18 11:21 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Plex Media Server 2014-10-18 11:21 - 2014-10-18 11:21 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Apple Computer 2014-10-18 11:20 - 2014-10-18 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server 2014-10-18 11:19 - 2014-10-18 11:19 - 00000000 ____D () C:\Program Files (x86)\Plex 2014-10-18 11:16 - 2014-10-18 11:16 - 00000000 ____D () C:\ProgramData\Apple 2014-10-18 11:16 - 2014-10-18 11:16 - 00000000 ____D () C:\Program Files\Bonjour 2014-10-18 11:16 - 2014-10-18 11:16 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2014-10-18 11:11 - 2014-10-18 11:36 - 173681482 _____ () C:\Users\Sebastian\Downloads\smartshare.zip 2014-10-18 11:11 - 
2014-10-18 11:12 - 52385872 _____ (Microsoft Corporation) C:\Users\Sebastian\Downloads\Plex-Media-Server-v0.9.502-en-US.exe 2014-10-16 23:32 - 2014-10-16 23:32 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-10-16 23:32 - 2014-10-16 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-10-15 19:44 - 2014-10-15 19:44 - 00854417 _____ () C:\Users\Sebastian\Downloads\SecurityCheck.exe 2014-10-15 17:57 - 2014-10-15 17:57 - 02347384 _____ (ESET) C:\Users\Sebastian\Downloads\esetsmartinstaller_deu.exe 2014-10-15 17:15 - 2014-10-10 04:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-10-15 17:15 - 2014-10-10 04:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-10-15 17:15 - 2014-10-10 04:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-10-15 17:15 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-10-15 17:15 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-10-15 17:15 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-10-15 17:15 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-10-15 17:15 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-10-15 17:15 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-10-15 17:15 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-10-15 17:15 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-10-15 17:15 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-10-15 17:15 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-10-15 17:15 - 2014-09-19 04:25 - 
23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-10-15 17:15 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-10-15 17:15 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-10-15 17:15 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-10-15 17:15 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-10-15 17:15 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-10-15 17:15 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-10-15 17:15 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-10-15 17:15 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-10-15 17:15 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-10-15 17:15 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-10-15 17:15 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-10-15 17:15 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-10-15 17:15 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-10-15 17:15 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-10-15 17:15 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-10-15 17:15 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-10-15 17:15 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-10-15 17:15 - 2014-09-19 
03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-10-15 17:15 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-10-15 17:15 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-10-15 17:15 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-10-15 17:15 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-10-15 17:15 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-10-15 17:15 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-10-15 17:15 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-10-15 17:15 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-10-15 17:15 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-10-15 17:15 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-10-15 17:15 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-10-15 17:15 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-10-15 17:15 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-10-15 17:15 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-10-15 17:15 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-10-15 17:15 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-10-15 17:15 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-10-15 17:15 - 2014-09-19 
02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-10-15 17:15 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-10-15 17:15 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-10-15 17:15 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-10-15 17:15 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-10-15 17:15 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-10-15 17:15 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-10-15 17:15 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-10-15 17:15 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-10-15 17:15 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-10-15 17:15 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-10-15 17:15 - 2014-08-19 05:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2014-10-15 17:15 - 2014-08-19 05:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2014-10-15 17:15 - 2014-08-19 05:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2014-10-15 17:15 - 2014-08-19 05:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2014-10-15 17:15 - 2014-08-19 05:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2014-10-15 17:15 - 2014-08-19 05:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2014-10-15 17:15 - 2014-08-19 05:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2014-10-15 17:15 - 
2014-08-19 05:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2014-10-15 17:15 - 2014-08-19 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2014-10-15 17:15 - 2014-08-19 05:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2014-10-15 17:15 - 2014-08-19 04:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2014-10-15 17:15 - 2014-08-19 04:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2014-10-15 17:15 - 2014-08-19 04:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2014-10-15 17:15 - 2014-07-07 04:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2014-10-15 17:15 - 2014-07-07 04:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2014-10-15 17:15 - 2014-07-07 04:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2014-10-15 17:15 - 2014-07-07 04:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-10-15 17:15 - 2014-07-07 04:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-10-15 17:15 - 2014-07-07 04:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2014-10-15 17:15 - 2014-07-07 04:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2014-10-15 17:15 - 2014-07-07 04:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2014-10-15 17:15 - 2014-07-07 04:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2014-10-15 17:15 - 2014-07-07 04:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2014-10-15 17:15 - 2014-07-07 04:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-10-15 17:15 - 2014-07-07 04:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2014-10-15 17:15 - 2014-07-07 04:06 - 
00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2014-10-15 17:15 - 2014-07-07 04:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-10-15 17:15 - 2014-07-07 04:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2014-10-15 17:15 - 2014-07-07 04:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-10-15 17:15 - 2014-07-07 04:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2014-10-15 17:15 - 2014-07-07 04:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2014-10-15 17:15 - 2014-07-07 04:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-10-15 17:15 - 2014-07-07 04:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-10-15 17:15 - 2014-07-07 04:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-10-15 17:15 - 2014-07-07 04:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2014-10-15 17:15 - 2014-07-07 04:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2014-10-15 17:15 - 2014-07-07 04:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2014-10-15 17:15 - 2014-07-07 04:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2014-10-15 17:15 - 2014-07-07 04:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2014-10-15 17:15 - 2014-07-07 04:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2014-10-15 17:15 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2014-10-15 17:15 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2014-10-15 17:15 - 2014-07-07 04:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2014-10-15 17:15 - 2014-07-07 04:05 - 00126464 _____ (Microsoft Corporation) 
C:\Windows\system32\audiodg.exe 2014-10-15 17:15 - 2014-07-07 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2014-10-15 17:15 - 2014-07-07 03:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2014-10-15 17:15 - 2014-07-07 03:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2014-10-15 17:15 - 2014-07-07 03:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2014-10-15 17:15 - 2014-07-07 03:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2014-10-15 17:15 - 2014-07-07 03:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2014-10-15 17:15 - 2014-07-07 03:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2014-10-15 17:15 - 2014-07-07 03:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll 2014-10-15 17:15 - 2014-07-07 03:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll 2014-10-15 17:15 - 2014-07-07 03:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2014-10-15 17:15 - 2014-07-07 03:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll 2014-10-15 17:15 - 2014-07-07 03:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2014-10-15 17:15 - 2014-07-07 03:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2014-10-15 17:15 - 2014-07-07 03:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll 2014-10-15 17:15 - 2014-07-07 03:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2014-10-15 17:15 - 2014-07-07 03:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2014-10-15 17:15 - 2014-07-07 03:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll 2014-10-15 17:15 - 2014-07-07 03:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 
2014-10-15 17:15 - 2014-07-07 03:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2014-10-15 17:15 - 2014-07-07 03:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2014-10-15 17:15 - 2014-07-07 03:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2014-10-15 17:15 - 2014-07-07 03:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2014-10-15 17:15 - 2014-07-07 03:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2014-10-15 17:15 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2014-10-15 17:15 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2014-10-15 17:15 - 2014-07-07 03:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2014-10-15 17:15 - 2014-07-07 03:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-10-15 17:15 - 2014-07-07 03:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-10-15 17:15 - 2014-07-07 03:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2014-10-15 17:15 - 2014-07-07 03:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2014-10-15 17:15 - 2014-07-07 03:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2014-10-15 17:15 - 2014-06-28 02:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2014-10-15 17:15 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2014-10-15 17:15 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2014-10-15 17:15 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-15 17:15 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2014-10-15 17:15 - 2014-06-19 00:23 - 
00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll 2014-10-15 17:15 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-15 17:15 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll 2014-10-15 17:15 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-15 17:14 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-10-15 17:14 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-10-15 17:14 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-10-15 17:14 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-10-15 17:14 - 2014-09-05 04:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-10-15 17:14 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-10-15 17:14 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-10-15 17:14 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2014-10-15 17:14 - 2014-08-29 04:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-10-15 17:14 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-10-15 17:14 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-10-15 17:14 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-10-15 17:14 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-10-15 17:14 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-10-15 17:14 - 2014-07-17 04:07 - 00022016 _____ (Microsoft 
Corporation) C:\Windows\system32\credssp.dll 2014-10-15 17:14 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2014-10-15 17:14 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-10-15 17:14 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-10-15 17:14 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-10-15 17:14 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-10-14 09:42 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2014-10-13 20:28 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2014-10-13 20:28 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2014-10-13 20:28 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2014-10-13 20:28 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2014-10-13 20:28 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2014-10-13 20:28 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-10-13 20:28 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2014-10-13 20:28 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2014-10-13 20:28 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll 2014-10-13 20:28 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll 2014-10-13 20:28 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) 
C:\Windows\system32\TSWbPrxy.exe 2014-10-13 20:28 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2014-10-13 20:28 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2014-10-13 20:28 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-10-13 20:28 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2014-10-13 20:28 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-10-13 20:28 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2014-10-13 20:28 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2014-10-13 20:28 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys 2014-10-13 20:28 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll 2014-10-13 20:28 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll 2014-10-13 20:27 - 2012-09-28 02:11 - 00407552 _____ (Hewlett-Packard Corporation) C:\Windows\system32\hpcpn140.dll 2014-10-13 20:27 - 2012-09-28 02:05 - 00408576 _____ () C:\Windows\SysWOW64\hpcc3140.DLL 2014-10-13 20:26 - 2012-08-30 19:52 - 00512512 _____ (HP) C:\Windows\SysWOW64\hpcdmc32.DLL 2014-10-13 14:06 - 2014-10-18 21:06 - 00000000 ____D () C:\Users\Sebastian\Downloads\FRST-OlderVersion 2014-10-13 14:02 - 2014-10-13 14:02 - 00000000 ____D () C:\Windows\ERUNT 2014-10-13 14:01 - 2014-10-13 14:01 - 01705755 _____ (Thisisu) C:\Users\Sebastian\Downloads\JRT.exe 2014-10-13 13:56 - 2014-10-18 22:31 - 00000000 ____D () C:\AdwCleaner 2014-10-13 13:48 - 2014-10-13 13:48 - 01976320 _____ () C:\Users\Sebastian\Downloads\AdwCleaner_4.000.exe 2014-10-12 23:26 - 2014-10-12 23:26 - 00002775 _____ () 
C:\Users\Sebastian\Downloads\mailFilters.xml 2014-10-08 20:28 - 2014-10-08 20:30 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sebastian\Downloads\mbam-setup-2.0.2.1012 (1).exe 2014-10-06 17:58 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-10-06 17:58 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-10-06 17:58 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-10-06 17:58 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-10-06 17:58 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-10-06 17:58 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-10-06 17:58 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-10-06 17:58 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-10-06 17:54 - 2014-10-18 22:04 - 00000000 ____D () C:\Qoobox 2014-10-06 17:54 - 2014-10-06 18:04 - 00000000 ____D () C:\Windows\erdnt 2014-10-06 17:27 - 2014-10-18 21:32 - 05583559 ____R (Swearware) C:\Users\Sebastian\Downloads\ComboFix.exe 2014-10-02 13:02 - 2014-10-18 21:28 - 00000000 ____D () C:\Users\Sebastian\Desktop\mbar 2014-10-02 13:02 - 2014-10-18 21:28 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-10-02 13:00 - 2014-10-02 13:01 - 14349744 _____ (Malwarebytes Corp.) 
C:\Users\Sebastian\Downloads\mbar-1.07.0.1012.exe 2014-10-02 12:58 - 2014-10-02 12:58 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Sebastian\Downloads\tdsskiller.exe 2014-10-02 12:16 - 2014-10-02 12:16 - 00043697 _____ () C:\Users\Sebastian\Downloads\Addition (2).txt 2014-10-02 12:15 - 2014-10-02 12:15 - 00046819 _____ () C:\Users\Sebastian\Downloads\FRST (2).txt 2014-10-02 11:43 - 2014-10-02 11:43 - 00046819 _____ () C:\Users\Sebastian\Downloads\FRST (1).txt 2014-10-02 11:43 - 2014-10-02 11:43 - 00043697 _____ () C:\Users\Sebastian\Downloads\Addition (1).txt 2014-10-02 11:37 - 2014-10-02 11:37 - 00043697 _____ () C:\Users\Sebastian\Downloads\Addition.txt 2014-10-02 11:36 - 2014-10-19 00:06 - 00020789 _____ () C:\Users\Sebastian\Downloads\FRST.txt 2014-10-02 11:36 - 2014-10-19 00:06 - 00000000 ____D () C:\FRST 2014-10-02 11:35 - 2014-10-18 21:06 - 02112000 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64.exe 2014-09-30 19:25 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-09-30 19:25 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2014-09-28 13:58 - 2014-09-28 13:59 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\TrafficMonitor 2014-09-28 13:58 - 2014-09-28 13:58 - 00000000 ____D () C:\ProgramData\TrafficMonitor 2014-09-28 13:57 - 2014-09-28 13:57 - 03469477 _____ () C:\Users\Sebastian\Downloads\trafficmsw.zip 2014-09-27 22:04 - 2014-09-27 22:04 - 00540302 _____ () C:\Users\Sebastian\Downloads\SeaGiant.zip 2014-09-24 08:44 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-09-24 08:44 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-09-23 21:18 - 2014-09-23 21:22 - 18656495 _____ () C:\Users\Sebastian\Downloads\nightly (1).zip 2014-09-23 20:17 - 2014-09-23 20:17 - 00000000 ____D () C:\Users\Sebastian\Downloads\Postversand 2014-09-23 20:16 - 2014-09-23 20:16 - 01644283 _____ () 
C:\Users\Sebastian\Downloads\Postversand.zip 2014-09-23 20:03 - 2014-09-23 20:40 - 00036864 _____ () C:\Users\Sebastian\Downloads\Airline Mailing Address.xls 2014-09-22 20:41 - 2014-09-22 20:41 - 02324917 _____ () C:\Users\Sebastian\Downloads\crashcrawlerv8.zip 2014-09-22 18:47 - 2014-10-06 18:00 - 00000000 ____D () C:\ProgramData\TEMP 2014-09-22 18:47 - 2014-09-22 18:47 - 00000000 ____D () C:\ProgramData\Licenses 2014-09-22 18:44 - 2014-09-22 18:44 - 00000000 ____D () C:\ProgramData\Simply Super Software 2014-09-22 18:43 - 2014-09-22 18:43 - 21407864 _____ (Simply Super Software ) C:\Users\Sebastian\Downloads\trjsetup690.exe 2014-09-22 15:04 - 2014-10-18 22:08 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-22 15:04 - 2014-09-22 15:04 - 00004698 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log 2014-09-22 15:04 - 2014-09-22 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-09-22 15:03 - 2014-10-18 21:19 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-09-22 15:03 - 2014-10-08 20:30 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-09-22 15:03 - 2014-10-08 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-09-22 15:03 - 2014-10-08 20:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-09-22 15:03 - 2014-09-22 15:03 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-22 15:03 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-09-22 15:03 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-09-22 14:58 - 2014-09-22 14:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sebastian\Downloads\mbam-setup-2.0.2.1012.exe 2014-09-22 14:02 - 2014-09-22 14:02 - 18656495 _____ () 
C:\Users\Sebastian\Downloads\nightly.zip
2014-09-20 12:32 - 2014-09-20 12:32 - 02320830 _____ () C:\Users\Sebastian\Downloads\CrashCrawlerV6.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-18 23:42 - 2014-04-29 17:58 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-18 23:24 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-18 23:24 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-18 23:23 - 2011-04-12 09:43 - 00701996 _____ () C:\Windows\system32\perfh007.dat
2014-10-18 23:23 - 2011-04-12 09:43 - 00150662 _____ () C:\Windows\system32\perfc007.dat
2014-10-18 23:23 - 2009-07-14 07:13 - 01628294 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-18 23:20 - 2014-02-07 07:26 - 01937860 _____ () C:\Windows\WindowsUpdate.log
2014-10-18 23:17 - 2014-02-22 13:05 - 00000000 ____D () C:\ProgramData\VMware
2014-10-18 23:16 - 2014-09-13 13:50 - 00021646 _____ () C:\Windows\PFRO.log
2014-10-18 23:16 - 2014-09-12 19:28 - 00005044 _____ () C:\Windows\setupact.log
2014-10-18 23:16 - 2014-07-30 22:45 - 00007470 _____ () C:\Windows\system32\debug.log
2014-10-18 23:16 - 2014-07-20 16:22 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2014-10-18 23:16 - 2014-02-07 07:42 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-18 23:16 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-18 23:14 - 2014-02-07 07:42 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-18 22:02 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-10-18 21:57 - 2014-02-07 07:47 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-18 21:33 - 2014-02-07 01:37 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Battle.net
2014-10-18 16:46 - 2014-02-07 07:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-17 00:59 - 2014-02-11 21:43 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Skype
2014-10-16 23:52 - 2014-02-07 18:22 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\netz
2014-10-16 23:32 - 2014-02-11 21:43 - 00000000 ____D () C:\ProgramData\Skype
2014-10-16 19:58 - 2014-02-22 13:07 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\VMware
2014-10-16 19:57 - 2014-02-22 13:07 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\VMware
2014-10-16 08:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 07:24 - 2009-07-14 06:45 - 00328664 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 07:23 - 2014-04-30 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 07:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 07:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-16 03:03 - 2014-02-07 02:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 03:00 - 2014-02-07 02:14 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 17:19 - 2014-09-12 19:47 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-15 17:16 - 2014-02-07 18:56 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-13 20:30 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-13 20:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-13 20:28 - 2014-02-07 07:33 - 01601638 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-10-13 14:06 - 2014-08-05 19:12 - 00001147 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-10-13 14:06 - 2014-02-07 07:35 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-07 18:18 - 2014-03-05 23:29 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\HpUpdate
2014-10-06 18:04 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-10-06 18:03 - 2014-02-07 02:23 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-10-06 17:26 - 2014-02-12 21:34 - 00030528 _____ () C:\Windows\GVTDrv64.sys
2014-10-06 17:26 - 2014-02-12 21:34 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys
2014-10-02 01:41 - 2014-03-19 23:02 - 00000000 ____D () C:\Users\Sebastian\Desktop\Rechnungen refund.me
2014-09-30 01:55 - 2014-02-08 11:14 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\uTorrent
2014-09-25 19:06 - 2014-06-13 19:59 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-24 16:42 - 2014-04-29 17:58 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 16:42 - 2014-04-29 17:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 16:42 - 2014-04-29 17:58 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 09:56 - 2014-02-07 19:00 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-09-23 02:59 - 2014-05-16 00:29 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-09-23 02:59 - 2014-02-22 02:30 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-09-22 18:20 - 2014-08-30 12:43 - 00000000 ____D () C:\Users\Sebastian\Downloads\latest (1)
2014-09-22 18:20 - 2014-08-08 16:25 - 00000000 ____D () C:\Users\Sebastian\Downloads\latest
2014-09-22 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME
2014-09-22 15:05 - 2014-05-15 12:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-22 15:04 - 2014-05-15 12:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-22 13:56 - 2014-02-18 21:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-22 08:42 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-21 18:36 - 2014-02-08 13:34 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\vlc

Some content of TEMP:
====================
C:\Users\Sebastian\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-16 00:03

==================== End Of Log ============================ |
19.10.2014, 14:10 | #14 |
/// the machine /// TB Trainer | Unknown Upload Why did you run all the programs again? Well, never mind, it looks good. Done. The order is crucial here.
If you would like to give praise or criticism, you can do so here. Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers: Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance: Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP). Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |