Log analysis and evaluation: Win7: After a careless click on "updateflashplayer.***.exe", iexplore.exe launches by itself

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
21.08.2014, 01:29 | #1 |
Win7: After a careless click on "updateflashplayer.***.exe", iexplore.exe launches by itself

Hello everyone,

after I carelessly clicked OK on the "updateflashplayer.***.exe" pop-up last Thursday, Internet Explorer starts by itself, opens several processes and, according to the history, visits random websites. If IE is deleted or disabled, the problem seems to shift to explorer.exe and cause trouble there.

Immediately after the click, Avira found TR/ATRAPS.Gen, and a few hours later TR/Crypt.ZPACK.93160. After the affected files were in quarantine, Avira found no new threats. On the following days, however, the browser protection blocked a file several times (see the log below). The ESET Online Scanner did not find anything earth-shattering either.

I would be glad if I could get my system clean again with your help. Thanks in advance!

Kind regards

As requested, I have already created a few log files:

Avira:
Code:
Exportierte Ereignisse:

19.08.2014 14:59 [Browser-Schutz] Malware gefunden
  Beim Zugriff auf Daten der URL "hxxp://download.cdn.sharelive.net/cdn/r/1427/iLividSetup-r1427-t-bi.exe" wurde ein Virus oder unerwünschtes Programm 'APPL/Downloader.Gen' [program] gefunden.
  Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

19.08.2014 11:19 [Browser-Schutz] Malware gefunden
  Beim Zugriff auf Daten der URL "hxxp://download.cdn.sharelive.net/cdn/r/1428/iLividSetup-r1428-t-bi.exe" wurde ein Virus oder unerwünschtes Programm 'APPL/Downloader.Gen' [program] gefunden.
  Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

19.08.2014 01:46 [Browser-Schutz] Malware gefunden
  Beim Zugriff auf Daten der URL "hxxp://download.cdn.sharelive.net/cdn/r/1427/iLividSetup-r1427-t-bi.exe" wurde ein Virus oder unerwünschtes Programm 'APPL/Downloader.Gen' [program] gefunden.
  Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

19.08.2014 01:07 [Browser-Schutz] Malware gefunden
  Beim Zugriff auf Daten der URL "hxxp://download.cdn.sharelive.net/cdn/r/1427/iLividSetup-r1427-t-bi.exe" wurde ein Virus oder unerwünschtes Programm 'APPL/Downloader.Gen' [program] gefunden.
  Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

19.08.2014 01:07 [Browser-Schutz] Malware gefunden
  Beim Zugriff auf Daten der URL "hxxp://download.cdn.sharelive.net/cdn/r/1427/iLividSetup-r1427-t-bi.exe" wurde ein Virus oder unerwünschtes Programm 'APPL/Downloader.Gen' [program] gefunden.
  Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

18.08.2014 23:03 [Browser-Schutz] Malware gefunden
  Beim Zugriff auf Daten der URL "hxxp://download.cdn.sharelive.net/cdn/r/1427/iLividSetup-r1427-t-bi.exe" wurde ein Virus oder unerwünschtes Programm 'APPL/Downloader.Gen' [program] gefunden.
  Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

18.08.2014 23:03 [Browser-Schutz] Malware gefunden
  Beim Zugriff auf Daten der URL "hxxp://download.cdn.sharelive.net/cdn/r/1427/iLividSetup-r1427-t-bi.exe" wurde ein Virus oder unerwünschtes Programm 'APPL/Downloader.Gen' [program] gefunden.
  Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

18.08.2014 16:28 [Browser-Schutz] Malware gefunden
  Beim Zugriff auf Daten der URL "hxxp://download.cdn.sharelive.net/cdn/r/1428/iLividSetup-r1428-t-bi.exe" wurde ein Virus oder unerwünschtes Programm 'APPL/Downloader.Gen' [program] gefunden.
  Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

18.08.2014 15:58 [Browser-Schutz] Malware gefunden
  Beim Zugriff auf Daten der URL "hxxp://download.cdn.sharelive.net/cdn/r/1427/iLividSetup-r1427-t-bi.exe" wurde ein Virus oder unerwünschtes Programm 'APPL/Downloader.Gen' [program] gefunden.
  Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

18.08.2014 15:30 [Browser-Schutz] Malware gefunden
  Beim Zugriff auf Daten der URL "hxxp://download.cdn.sharelive.net/cdn/r/1428/iLividSetup-r1428-t-bi.exe" wurde ein Virus oder unerwünschtes Programm 'APPL/Downloader.Gen' [program] gefunden.
  Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

18.08.2014 15:24 [Browser-Schutz] Malware gefunden
  Beim Zugriff auf Daten der URL "hxxp://download.cdn.sharelive.net/cdn/r/1428/iLividSetup-r1428-t-bi.exe" wurde ein Virus oder unerwünschtes Programm 'APPL/Downloader.Gen' [program] gefunden.
  Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

18.08.2014 15:12 [Browser-Schutz] Malware gefunden
  Beim Zugriff auf Daten der URL "hxxp://download.cdn.sharelive.net/cdn/r/1427/iLividSetup-r1427-t-bi.exe" wurde ein Virus oder unerwünschtes Programm 'APPL/Downloader.Gen' [program] gefunden.
  Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

18.08.2014 14:44 [Browser-Schutz] Malware gefunden
  Beim Zugriff auf Daten der URL "hxxp://download.cdn.sharelive.net/cdn/r/1427/iLividSetup-r1427-t-bi.exe" wurde ein Virus oder unerwünschtes Programm 'APPL/Downloader.Gen' [program] gefunden.
  Durchgeführte Aktion: Datei in Quarantäne verschieben

17.08.2014 20:40 [System-Scanner] Malware gefunden
  Die Datei 'C:\ProgramData\AmgoxBudga\AmgoxBudga.dat' enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.93160' [trojan].
  Durchgeführte Aktion(en):
  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5172652c.qua' verschoben!
  Der Registrierungseintrag <HKEY_USERS\S-1-5-21-1188316696-1463214734-3367143495-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AmgoxBudga> wurde erfolgreich repariert.

17.08.2014 20:39 [Echtzeit-Scanner] Malware gefunden
  In der Datei 'C:\ProgramData\AmgoxBudga\AmgoxBudga.dat' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.93160' [trojan] gefunden.
  Ausgeführte Aktion: Zugriff verweigern

17.08.2014 20:38 [System-Scanner] Malware gefunden
  Die Datei 'C:\ProgramData\AqgalPoruf\AqgalPoruf.dat' enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.93160' [trojan].
  Durchgeführte Aktion(en):
  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5160604c.qua' verschoben!
  Der Registrierungseintrag <HKEY_USERS\S-1-5-21-1188316696-1463214734-3367143495-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AqgalPoruf> wurde erfolgreich repariert.

17.08.2014 20:35 [Echtzeit-Scanner] Malware gefunden
  In der Datei 'C:\ProgramData\AqgalPoruf\AqgalPoruf.dat' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.93160' [trojan] gefunden.
  Ausgeführte Aktion: Zugriff verweigern

17.08.2014 17:13 [Echtzeit-Scanner] Malware gefunden
  In der Datei 'C:\Users\Michael\AppData\Roaming\Microsoft\Windows\IEUpdate\eventvwr.exe' wurde ein Virus oder unerwünschtes Programm 'TR/ATRAPS.Gen' [trojan] gefunden.
  Ausgeführte Aktion: Zugriff verweigern

Code:
C:\Program Files (x86)\Avira\AntiVir Desktop\offercast_avirav7_.exe Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung
C:\Program Files (x86)\ICQ7.4\upgrade\2dcd1d63cb45e6613582211c3d5f4b23 Win32/OpenCandy potenziell unsichere Anwendung
C:\Program Files (x86)\ICQ7.4\upgrade\53e83dd5315bfb1f928441c9b4618b68 Win32/OpenCandy potenziell unsichere Anwendung
C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Templates\FCTBSetup.exe Variante von Win32/Complitly.A evtl. unerwünschte Anwendung
C:\Users\Michael\Downloads\ccsetup410.exe Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung
C:\Users\Michael\Downloads\ccsetup416.exe Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung
C:\Users\Michael\Downloads\FCTBSetup.exe Variante von Win32/InstallShare.A evtl. unerwünschte Anwendung
C:\Users\Michael\Downloads\FreeAudioConverter-5.0.45.806.exe Variante von Win32/OpenCandy.A potenziell unsichere Anwendung
C:\Users\Michael\Downloads\OrbitDownloaderSetup4111.exe Win32/OpenCandy potenziell unsichere Anwendung
C:\Users\Michael\Downloads\Shockwave_Installer_Slim.exe Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung
C:\Windows\System32\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ApnIC[1].0 Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0 Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[1].0 Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung
C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ApnIC[1].0 Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0 Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[1].0 Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 21:18 on 20/08/2014 (Michael)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by Michael (administrator) on MICHAEL-PC on 21-08-2014 01:06:06
Running from C:\Users\Michael\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\Agent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\EuWatch.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\Logitech\QCDriver3\LVComS.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-28] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [968272 2010-06-22] (Dritek System Inc.)
HKLM-x32\...\Run: [EaseUs Watch] => C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\EuWatch.exe [69000 2011-01-22] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [LVCOMS] => C:\Program Files (x86)\Common Files\Logitech\QCDriver3\LVCOMS.EXE [127022 2002-12-10] (Logitech Inc.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Freecorder FLV Service] => "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1188316696-1463214734-3367143495-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-1188316696-1463214734-3367143495-1001\...\Command Processor: "C:\Users\Michael\AppData\Roaming\Microsoft\Windows\IEUpdate\eventvwr.exe" <===== ATTENTION!

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
BHO: No Name -> {41564952-412D-5637-00A7-7A786E7484D7} -> No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No File
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.3.1

FireFox:
========
FF ProfilePath: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\8ndo486f.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\8ndo486f.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\8ndo486f.default\Extensions\abs@avira.com [2014-08-19]
FF Extension: DownloadHelper - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\8ndo486f.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-08-08]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 EASEUS Agent; C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\Agent.exe [55688 2011-01-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2010-07-15] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2010-07-15] () [File not signed]
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [36232 2011-01-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R3 EuDisk; C:\Windows\System32\DRIVERS\EuDisk.sys [193416 2011-01-22] (CHENGDU YIWO Tech Development Co., Ltd)
R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [17800 2011-01-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 EUFS; C:\Windows\System32\drivers\eufs.sys [26504 2011-01-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2010-07-15] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2010-07-15] () [File not signed]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
U3 kxliifow; \??\C:\Users\Michael\AppData\Local\Temp\kxliifow.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-21 01:06 - 2014-08-21 01:06 - 00016181 _____ () C:\Users\Michael\Desktop\FRST.txt
2014-08-20 21:55 - 2014-08-20 21:56 - 02347384 _____ (ESET) C:\Users\Michael\Downloads\esetsmartinstaller_deu(1).exe
2014-08-20 21:19 - 2014-08-21 01:06 - 00000000 ____D () C:\FRST
2014-08-20 21:17 - 2014-08-20 21:17 - 00000000 _____ () C:\Users\Michael\defogger_reenable
2014-08-20 20:50 - 2014-08-20 20:50 - 00000000 ____D () C:\Users\Michael\AppData\Local\{3D2DD5FB-6969-4999-B157-B2A43AC4ECE1}
2014-08-20 20:24 - 2014-08-21 01:04 - 00000000 ____D () C:\Users\Michael\Desktop\System-Säuberung
2014-08-20 20:21 - 2014-08-20 20:21 - 02101760 _____ (Farbar) C:\Users\Michael\Desktop\FRST64.exe
2014-08-20 11:36 - 2014-08-20 11:36 - 00046873 _____ () C:\Windows\SysWOW64\unil.exe
2014-08-20 11:36 - 2014-08-20 11:36 - 00000000 ____D () C:\Michael
2014-08-19 21:44 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 21:44 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-19 21:44 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-19 21:44 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-19 21:44 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-19 21:44 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-19 21:44 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-19 21:44 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-19 21:44 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-19 21:44 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-19 21:44 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-19 21:44 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-19 21:44 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-19 21:44 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-19 21:44 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-19 21:44 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-19 21:44 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-19 21:44 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-19 21:44 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-19 21:44 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-19 21:44 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-19 21:44 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-19 21:44 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-19 21:44 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-19 21:44 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-19 21:44 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-19 21:44 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-19 21:44 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-19 21:44 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-19 21:44 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-19 21:44 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-19 21:44 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-19 21:44 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-19 21:44 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-19 21:44 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-19 21:44 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-19 21:44 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-19 21:44 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-19 21:44 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-19 21:44 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-19 21:44 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-19 21:44 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-19 21:44 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-19 21:44 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-19 21:44 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-19 21:44 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-19 21:44 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-19 21:44 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-19 21:44 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-19 21:44 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-19 21:44 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-19 21:44 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-19 21:44 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-19 21:44 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-19 21:44 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-19 21:44 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-19 15:51 - 2014-08-19 15:51 - 00000000 ____D () C:\Users\Michael\AppData\Local\{38B2E845-4D07-4961-B970-98EC8CD0CEAD}
2014-08-19 15:39 - 2014-08-19 15:39 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-08-19 15:39 - 2014-08-19 15:39 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-08-19 15:39 - 2014-08-19 15:39 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-08-19 15:39 - 2014-08-19 15:39 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-08-19 15:39 - 2014-08-19 15:39 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-08-19 15:39 - 2014-08-19 15:39 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-08-19 15:39 - 2014-08-19 15:39 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-08-19 15:39 - 2014-08-19 15:39 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-08-19 15:39 - 2014-08-19 15:39 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-08-19 15:39 - 2014-08-19 15:39 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2014-08-19 15:39 - 2014-08-19 15:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 
2014-08-19 15:39 - 2014-08-19 15:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-08-19 15:37 - 2014-08-19 15:37 - 02077392 _____ (Microsoft Corporation) C:\Users\Michael\Downloads\IE11-Windows6.1.exe 2014-08-19 15:15 - 2014-08-19 15:15 - 00000000 ____D () C:\Users\Michael\AppData\Local\{C44E66C8-D51D-495E-BA97-4304D70E0182} 2014-08-19 15:10 - 2014-08-19 15:11 - 04574968 _____ (Avira Operations GmbH & Co. 
KG) C:\Users\Michael\Downloads\avira_de_av___ws.exe 2014-08-19 12:40 - 2014-08-19 15:50 - 00001417 _____ () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-18 22:44 - 2014-08-18 22:44 - 00000000 ____D () C:\Users\Michael\AppData\Local\{731D6040-732C-4DE9-98FC-709267031DBD} 2014-08-18 15:06 - 2014-08-18 15:06 - 00000000 ____D () C:\Users\Michael\AppData\Local\{99AC47CD-5F49-4750-A2FF-426C684CBE8E} 2014-08-18 14:01 - 2014-08-18 14:01 - 00000000 ____D () C:\Users\Michael\AppData\Local\{F0D04E7A-FEB5-4741-AEDF-E437370C8C62} 2014-08-18 13:02 - 2014-08-18 13:02 - 00000000 ____D () C:\Users\Michael\AppData\Local\{153F9F39-0933-4147-AE57-91E7DA2D8CAA} 2014-08-18 11:04 - 2014-08-18 11:04 - 00000000 ____D () C:\Users\Michael\AppData\Local\{5D930934-5124-466B-AE81-79A4AF65A101} 2014-08-17 22:20 - 2014-08-17 22:20 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-08-17 22:19 - 2014-08-17 22:20 - 02347384 _____ (ESET) C:\Users\Michael\Downloads\esetsmartinstaller_deu.exe 2014-08-17 21:30 - 2014-08-19 11:56 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\QuickScan 2014-08-17 18:05 - 2014-08-17 18:06 - 04813544 _____ (Piriform Ltd) C:\Users\Michael\Downloads\ccsetup416.exe 2014-08-17 17:57 - 2014-08-17 17:57 - 00000000 ____D () C:\Users\Michael\AppData\Local\{1BC41C44-349C-4656-B3E0-26163AA28D42} 2014-08-17 17:10 - 2014-08-17 17:10 - 00000000 ____D () C:\Users\Michael\AppData\Local\{0107BFDA-B12C-48F6-8E47-B4AB6B8CDE05} 2014-08-17 01:04 - 2014-08-17 01:04 - 00000000 ____D () C:\Users\Michael\AppData\Local\{34A4F854-7900-4862-8F65-6E12975E9D54} 2014-08-15 09:23 - 2014-08-15 09:23 - 00000000 ____D () C:\Users\Michael\AppData\Local\{1442DB7E-FFC6-4E4C-91D8-99B7C9E1E12B} 2014-08-14 10:36 - 2014-08-14 10:37 - 00000000 ____D () C:\Users\Michael\AppData\Local\{C42E855C-4B60-429C-B1B3-4D95D47F24DA} 2014-08-13 12:19 - 2014-08-13 12:20 - 00000000 ____D () C:\Users\Michael\AppData\Local\{D1DF6F7D-6F82-4F22-ABDE-0C7640A75E89} 
2014-08-13 10:51 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-13 10:51 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2014-08-13 10:51 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-13 10:51 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-13 10:51 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2014-08-13 10:51 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2014-08-13 10:50 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-13 10:50 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-13 10:49 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-13 10:49 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-08-13 10:49 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-08-13 10:49 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-08-13 10:49 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-08-13 10:49 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-08-13 10:49 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-13 10:49 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-13 10:49 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-13 10:49 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-13 10:49 - 2014-06-03 11:29 
- 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-08-13 10:49 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-08-13 10:49 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-08-13 10:48 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-13 10:47 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-13 10:47 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-13 10:41 - 2014-08-13 10:41 - 00000000 ____D () C:\Users\Michael\AppData\Local\{42D91D13-48AF-4C95-AC18-F5C8ED438B6B} 2014-08-12 20:25 - 2014-08-12 20:25 - 00001442 _____ () C:\Users\Public\Desktop\Free Audio Converter.lnk 2014-08-12 20:25 - 2014-08-12 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2014-08-12 20:24 - 2014-08-12 20:25 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft 2014-08-12 20:23 - 2014-08-12 20:24 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\DVDVideoSoft 2014-08-12 20:21 - 2014-08-12 20:21 - 28401992 _____ (DVDVideoSoft Ltd. 
) C:\Users\Michael\Downloads\FreeAudioConverter-5.0.45.806.exe 2014-08-12 09:54 - 2014-08-12 09:55 - 00000000 ____D () C:\Users\Michael\AppData\Local\{16A1732A-8B23-43D9-B2F8-08B5350750A4} 2014-08-11 11:20 - 2014-08-11 11:20 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-08-11 11:20 - 2014-08-11 11:20 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-08-11 11:20 - 2014-08-11 11:20 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-08-11 11:20 - 2014-08-11 11:20 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-08-11 11:20 - 2014-08-11 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-08-10 14:04 - 2014-08-10 14:05 - 00000000 ____D () C:\Users\Michael\AppData\Local\{F467A3D9-869E-4765-9078-E3264A274CF0} 2014-08-09 22:23 - 2014-08-09 22:23 - 00000000 ____D () C:\Users\Michael\AppData\Local\{F7399A5B-CD27-486F-A1D5-FD6C3D51BCEA} 2014-08-08 22:33 - 2014-08-08 22:33 - 00000000 ____D () C:\Users\Michael\AppData\Local\{7D239DDE-821E-4374-AB96-548753FFCF88} 2014-08-07 10:42 - 2014-08-07 10:42 - 00000000 ____D () C:\Users\Michael\AppData\Local\{5CA6A5DA-5962-42D5-85A3-DD0C8C5E074A} 2014-08-05 23:24 - 2014-08-05 23:24 - 00000000 ____D () C:\Users\Michael\AppData\Local\{4259FC1B-9E4C-4327-8682-FDFA031883E7} 2014-08-05 10:44 - 2014-08-05 10:44 - 00000000 ____D () C:\Users\Michael\AppData\Local\{02E8177A-A326-430D-9F87-8695E6E7A536} 2014-08-04 10:30 - 2014-08-18 15:10 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-04 10:30 - 2014-08-18 15:09 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-08-04 10:21 - 2014-08-04 10:21 - 00000000 ____D () C:\Users\Michael\AppData\Local\{0ED40260-078E-4866-808C-6365BF7B08E7} 2014-08-03 10:42 - 2014-08-03 10:42 - 00000000 ____D () C:\Users\Michael\AppData\Local\{7FDF989D-B9F7-4C21-AF30-B584D8B06731} 2014-08-02 10:44 - 2014-08-02 10:44 - 00000000 ____D () 
C:\Users\Michael\AppData\Local\{0AB8EE49-D6F2-4F5A-A331-5A29BAB69788} 2014-08-01 16:43 - 2014-08-01 16:43 - 00000000 ____D () C:\Users\Michael\AppData\Local\{E4EC2F12-65F1-4545-8BAC-BE4850219F5D} 2014-08-01 11:43 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-08-01 11:43 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-08-01 11:43 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-08-01 11:43 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-08-01 11:43 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-08-01 11:43 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-08-01 11:43 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-08-01 11:43 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-08-01 11:43 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-08-01 11:43 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-08-01 11:42 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-08-01 11:42 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-08-01 11:42 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-08-01 11:42 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-08-01 11:40 - 2014-08-01 11:40 - 00000000 ____D () C:\Users\Michael\AppData\Local\{56FDFAE9-4B17-4F4B-9C85-E6BE0DC83F9D} 2014-07-31 10:13 - 2014-07-31 10:13 - 00000000 ____D () C:\Users\Michael\AppData\Local\{9ED1D688-C768-4252-837E-9EED3F2C7C81} 2014-07-30 10:06 - 2014-07-30 10:06 - 
00000000 ____D () C:\Users\Michael\AppData\Local\{DF2A5F04-B151-45D0-B89C-5B72B809C057} 2014-07-28 23:39 - 2014-07-28 23:39 - 06263496 _____ (TeamViewer GmbH) C:\Users\Michael\Downloads\TeamViewer_Setup_de(1).exe 2014-07-28 14:09 - 2014-07-28 14:09 - 00000000 ____D () C:\Users\Michael\AppData\Local\{FC51DA7A-724C-4067-B14C-ECA44D6160F6} 2014-07-27 02:56 - 2014-07-27 02:56 - 00000000 ____D () C:\Users\Michael\AppData\Local\{86D836D1-7D57-417C-9539-3178402DEBDB} 2014-07-26 11:10 - 2014-07-26 11:10 - 00000000 ____D () C:\Users\Michael\AppData\Local\{27BC7407-D8A8-4BE1-AEBE-30E39F3C0A4F} 2014-07-25 10:06 - 2014-07-25 10:06 - 00000000 ____D () C:\Users\Michael\AppData\Local\{524DF4E6-F594-4222-957A-51E5964C0E9F} 2014-07-22 10:10 - 2014-07-22 10:10 - 00000000 ____D () C:\Users\Michael\AppData\Local\{5B2BCFE3-C266-4AF7-B991-3C2A44E0CFDF}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-21 01:06 - 2014-08-21 01:06 - 00016181 _____ () C:\Users\Michael\Desktop\FRST.txt 2014-08-21 01:06 - 2014-08-20 21:19 - 00000000 ____D () C:\FRST 2014-08-21 01:05 - 2010-09-17 18:57 - 01834659 _____ () C:\Windows\WindowsUpdate.log 2014-08-21 01:04 - 2014-08-20 20:24 - 00000000 ____D () C:\Users\Michael\Desktop\System-Säuberung 2014-08-20 21:56 - 2014-08-20 21:55 - 02347384 _____ (ESET) C:\Users\Michael\Downloads\esetsmartinstaller_deu(1).exe 2014-08-20 21:46 - 2011-02-07 23:29 - 00000000 ____D () C:\ProgramData\boost_interprocess 2014-08-20 21:17 - 2014-08-20 21:17 - 00000000 _____ () C:\Users\Michael\defogger_reenable 2014-08-20 21:17 - 2011-02-07 18:32 - 00000000 ____D () C:\Users\Michael 2014-08-20 20:57 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-20 20:57 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-20 20:50 - 2014-08-20 20:50 - 00000000 ____D () C:\Users\Michael\AppData\Local\{3D2DD5FB-6969-4999-B157-B2A43AC4ECE1} 2014-08-20 20:50 - 2011-02-09 18:59 - 00000000 ____D () C:\Users\Michael\Tracing 2014-08-20 20:49 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-20 20:49 - 2009-07-14 06:51 - 00187519 _____ () C:\Windows\setupact.log 2014-08-20 20:49 - 2009-07-14 06:45 - 00286024 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-20 20:46 - 2011-02-08 22:20 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Skype 2014-08-20 20:21 - 2014-08-20 20:21 - 02101760 _____ (Farbar) C:\Users\Michael\Desktop\FRST64.exe 2014-08-20 20:18 - 2011-10-05 03:30 - 00000000 ____D () C:\Users\Michael\AppData\Local\FreePDF_XP 2014-08-20 20:08 - 2011-10-02 16:00 - 00443904 ___SH () C:\Users\Michael\Thumbs.db 2014-08-20 17:57 - 2013-05-19 23:11 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft 2014-08-20 17:52 - 2012-05-20 03:35 - 00000035 _____ () C:\Users\Michael\Desktop\proxtube.txt 2014-08-20 12:09 - 2013-09-13 02:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport 2014-08-20 11:36 - 2014-08-20 11:36 - 00046873 _____ () C:\Windows\SysWOW64\unil.exe 2014-08-20 11:36 - 2014-08-20 11:36 - 00000000 ____D () C:\Michael 2014-08-20 11:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-08-20 10:00 - 2010-09-17 18:54 - 00170844 _____ () C:\Windows\PFRO.log 2014-08-20 00:49 - 2012-01-11 17:53 - 00000000 ____D () C:\Users\Michael\AppData\Local\Unity 2014-08-20 00:49 - 2011-12-06 03:26 - 00000717 _____ () C:\Windows\wininit.ini 2014-08-20 00:48 - 2010-09-17 19:14 - 00040818 _____ () C:\Windows\DPINST.LOG 2014-08-20 00:03 - 2011-02-08 22:59 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\ICQ 2014-08-19 21:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-19 15:51 - 2014-08-19 15:51 - 00000000 ____D () 
C:\Users\Michael\AppData\Local\{38B2E845-4D07-4961-B970-98EC8CD0CEAD} 2014-08-19 15:50 - 2014-08-19 12:40 - 00001417 _____ () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-19 15:45 - 2013-11-12 11:03 - 00020973 _____ () C:\Windows\IE11_main.log 2014-08-19 15:39 - 2014-08-19 15:39 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2014-08-19 15:39 - 2014-08-19 15:39 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-08-19 15:39 - 2014-08-19 15:39 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-08-19 15:39 - 2014-08-19 15:39 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-08-19 15:39 - 2014-08-19 15:39 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00182272 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msls31.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00077312 _____ (Microsoft Corporation) 
C:\Windows\system32\tdc.ocx 2014-08-19 15:39 - 2014-08-19 15:39 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2014-08-19 15:39 - 2014-08-19 15:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00012800 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msfeedssync.exe 2014-08-19 15:37 - 2014-08-19 15:37 - 02077392 _____ (Microsoft Corporation) C:\Users\Michael\Downloads\IE11-Windows6.1.exe 2014-08-19 15:15 - 2014-08-19 15:15 - 00000000 ____D () C:\Users\Michael\AppData\Local\{C44E66C8-D51D-495E-BA97-4304D70E0182} 2014-08-19 15:11 - 2014-08-19 15:10 - 04574968 _____ (Avira Operations GmbH & Co. KG) C:\Users\Michael\Downloads\avira_de_av___ws.exe 2014-08-19 11:56 - 2014-08-17 21:30 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\QuickScan 2014-08-19 02:37 - 2014-02-27 18:56 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-08-19 00:02 - 2011-09-20 18:26 - 00000140 _____ () C:\Windows\9888.MOD 2014-08-18 22:44 - 2014-08-18 22:44 - 00000000 ____D () C:\Users\Michael\AppData\Local\{731D6040-732C-4DE9-98FC-709267031DBD} 2014-08-18 22:42 - 2010-07-13 13:57 - 00000000 ____D () C:\Program Files (x86)\EgisTec MyWinLocker 2014-08-18 16:01 - 2010-07-13 13:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-08-18 15:39 - 2012-06-18 15:44 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-08-18 15:39 - 2012-06-18 15:44 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2014-08-18 15:10 - 2014-08-04 10:30 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-18 15:09 - 2014-08-04 10:30 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-08-18 15:09 - 2013-08-05 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-08-18 15:09 - 2013-08-05 18:04 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-08-18 15:06 - 2014-08-18 15:06 - 00000000 ____D () C:\Users\Michael\AppData\Local\{99AC47CD-5F49-4750-A2FF-426C684CBE8E} 2014-08-18 14:34 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-08-18 14:28 - 2012-11-13 17:41 - 00000000 ____D () C:\Program Files (x86)\HP 2014-08-18 14:01 - 
2014-08-18 14:01 - 00000000 ____D () C:\Users\Michael\AppData\Local\{F0D04E7A-FEB5-4741-AEDF-E437370C8C62} 2014-08-18 14:01 - 2011-02-07 18:32 - 00062472 _____ () C:\Users\Michael\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-18 13:59 - 2012-11-13 17:36 - 00004324 _____ () C:\ProgramData\hpzinstall.log 2014-08-18 13:59 - 2012-11-13 17:36 - 00000000 ____D () C:\ProgramData\HP 2014-08-18 13:02 - 2014-08-18 13:02 - 00000000 ____D () C:\Users\Michael\AppData\Local\{153F9F39-0933-4147-AE57-91E7DA2D8CAA} 2014-08-18 11:04 - 2014-08-18 11:04 - 00000000 ____D () C:\Users\Michael\AppData\Local\{5D930934-5124-466B-AE81-79A4AF65A101} 2014-08-18 00:27 - 2012-09-27 00:03 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\FileZilla 2014-08-18 00:00 - 2011-09-15 11:40 - 00000353 _____ () C:\Users\Michael\Desktop\Neues Textdokument.txt 2014-08-17 22:20 - 2014-08-17 22:20 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-08-17 22:20 - 2014-08-17 22:19 - 02347384 _____ (ESET) C:\Users\Michael\Downloads\esetsmartinstaller_deu.exe 2014-08-17 18:07 - 2012-06-18 17:34 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-08-17 18:07 - 2012-06-18 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-08-17 18:07 - 2012-06-18 17:34 - 00000000 ____D () C:\Program Files\CCleaner 2014-08-17 18:06 - 2014-08-17 18:05 - 04813544 _____ (Piriform Ltd) C:\Users\Michael\Downloads\ccsetup416.exe 2014-08-17 17:57 - 2014-08-17 17:57 - 00000000 ____D () C:\Users\Michael\AppData\Local\{1BC41C44-349C-4656-B3E0-26163AA28D42} 2014-08-17 17:10 - 2014-08-17 17:10 - 00000000 ____D () C:\Users\Michael\AppData\Local\{0107BFDA-B12C-48F6-8E47-B4AB6B8CDE05} 2014-08-17 01:04 - 2014-08-17 01:04 - 00000000 ____D () C:\Users\Michael\AppData\Local\{34A4F854-7900-4862-8F65-6E12975E9D54} 2014-08-15 09:23 - 2014-08-15 09:23 - 00000000 ____D () C:\Users\Michael\AppData\Local\{1442DB7E-FFC6-4E4C-91D8-99B7C9E1E12B} 2014-08-14 20:54 - 2014-06-11 18:04 - 00000000 ____D () 
C:\Users\Michael\AppData\Local\Adobe 2014-08-14 10:39 - 2012-04-03 10:00 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-08-14 10:39 - 2011-06-02 00:20 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-14 10:37 - 2014-08-14 10:36 - 00000000 ____D () C:\Users\Michael\AppData\Local\{C42E855C-4B60-429C-B1B3-4D95D47F24DA} 2014-08-13 12:20 - 2014-08-13 12:19 - 00000000 ____D () C:\Users\Michael\AppData\Local\{D1DF6F7D-6F82-4F22-ABDE-0C7640A75E89} 2014-08-13 11:03 - 2013-07-14 13:41 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-13 10:55 - 2011-02-08 16:51 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-13 10:50 - 2014-04-23 10:53 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-13 10:41 - 2014-08-13 10:41 - 00000000 ____D () C:\Users\Michael\AppData\Local\{42D91D13-48AF-4C95-AC18-F5C8ED438B6B} 2014-08-12 20:25 - 2014-08-12 20:25 - 00001442 _____ () C:\Users\Public\Desktop\Free Audio Converter.lnk 2014-08-12 20:25 - 2014-08-12 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2014-08-12 20:25 - 2014-08-12 20:24 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft 2014-08-12 20:24 - 2014-08-12 20:23 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\DVDVideoSoft 2014-08-12 20:21 - 2014-08-12 20:21 - 28401992 _____ (DVDVideoSoft Ltd. 
) C:\Users\Michael\Downloads\FreeAudioConverter-5.0.45.806.exe
2014-08-12 09:55 - 2014-08-12 09:54 - 00000000 ____D () C:\Users\Michael\AppData\Local\{16A1732A-8B23-43D9-B2F8-08B5350750A4}
2014-08-11 11:21 - 2013-10-29 11:24 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-11 11:20 - 2014-08-11 11:20 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-11 11:20 - 2014-08-11 11:20 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-11 11:20 - 2014-08-11 11:20 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-11 11:20 - 2014-08-11 11:20 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-11 11:20 - 2014-08-11 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-11 11:20 - 2013-07-03 01:40 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-10 14:05 - 2014-08-10 14:04 - 00000000 ____D () C:\Users\Michael\AppData\Local\{F467A3D9-869E-4765-9078-E3264A274CF0}
2014-08-09 22:23 - 2014-08-09 22:23 - 00000000 ____D () C:\Users\Michael\AppData\Local\{F7399A5B-CD27-486F-A1D5-FD6C3D51BCEA}
2014-08-08 22:34 - 2011-02-08 22:20 - 00000000 ____D () C:\ProgramData\Skype
2014-08-08 22:33 - 2014-08-08 22:33 - 00000000 ____D () C:\Users\Michael\AppData\Local\{7D239DDE-821E-4374-AB96-548753FFCF88}
2014-08-07 10:42 - 2014-08-07 10:42 - 00000000 ____D () C:\Users\Michael\AppData\Local\{5CA6A5DA-5962-42D5-85A3-DD0C8C5E074A}
2014-08-07 04:06 - 2014-08-13 10:47 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 10:47 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 23:24 - 2014-08-05 23:24 - 00000000 ____D () C:\Users\Michael\AppData\Local\{4259FC1B-9E4C-4327-8682-FDFA031883E7}
2014-08-05 10:44 - 2014-08-05 10:44 - 00000000 ____D () C:\Users\Michael\AppData\Local\{02E8177A-A326-430D-9F87-8695E6E7A536}
2014-08-05 09:20 - 2013-05-19 23:20 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-04 10:30 - 2013-08-05 18:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-04 10:21 - 2014-08-04 10:21 - 00000000 ____D () C:\Users\Michael\AppData\Local\{0ED40260-078E-4866-808C-6365BF7B08E7}
2014-08-03 10:42 - 2014-08-03 10:42 - 00000000 ____D () C:\Users\Michael\AppData\Local\{7FDF989D-B9F7-4C21-AF30-B584D8B06731}
2014-08-02 10:44 - 2014-08-02 10:44 - 00000000 ____D () C:\Users\Michael\AppData\Local\{0AB8EE49-D6F2-4F5A-A331-5A29BAB69788}
2014-08-01 16:43 - 2014-08-01 16:43 - 00000000 ____D () C:\Users\Michael\AppData\Local\{E4EC2F12-65F1-4545-8BAC-BE4850219F5D}
2014-08-01 11:40 - 2014-08-01 11:40 - 00000000 ____D () C:\Users\Michael\AppData\Local\{56FDFAE9-4B17-4F4B-9C85-E6BE0DC83F9D}
2014-08-01 01:41 - 2014-08-19 21:44 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-19 21:44 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-31 10:13 - 2014-07-31 10:13 - 00000000 ____D () C:\Users\Michael\AppData\Local\{9ED1D688-C768-4252-837E-9EED3F2C7C81}
2014-07-30 10:06 - 2014-07-30 10:06 - 00000000 ____D () C:\Users\Michael\AppData\Local\{DF2A5F04-B151-45D0-B89C-5B72B809C057}
2014-07-30 10:05 - 2012-04-25 18:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-29 22:21 - 2014-06-10 23:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-28 23:40 - 2012-02-14 15:16 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\TeamViewer
2014-07-28 23:39 - 2014-07-28 23:39 - 06263496 _____ (TeamViewer GmbH) C:\Users\Michael\Downloads\TeamViewer_Setup_de(1).exe
2014-07-28 14:09 - 2014-07-28 14:09 - 00000000 ____D () C:\Users\Michael\AppData\Local\{FC51DA7A-724C-4067-B14C-ECA44D6160F6}
2014-07-27 02:56 - 2014-07-27 02:56 - 00000000 ____D () C:\Users\Michael\AppData\Local\{86D836D1-7D57-417C-9539-3178402DEBDB}
2014-07-26 11:10 - 2014-07-26 11:10 - 00000000 ____D () C:\Users\Michael\AppData\Local\{27BC7407-D8A8-4BE1-AEBE-30E39F3C0A4F}
2014-07-25 16:52 - 2014-08-19 21:44 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 16:02 - 2014-08-19 21:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 16:01 - 2014-08-19 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 15:51 - 2014-08-19 21:44 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 15:30 - 2014-08-19 21:44 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 15:28 - 2014-08-19 21:44 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 15:28 - 2014-08-19 21:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 15:25 - 2014-08-19 21:44 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-19 21:44 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 15:11 - 2014-08-19 21:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 15:10 - 2014-08-19 21:44 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 15:04 - 2014-08-19 21:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 15:03 - 2014-08-19 21:44 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 15:00 - 2014-08-19 21:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 15:00 - 2014-08-19 21:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 14:59 - 2014-08-19 21:44 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 14:47 - 2014-08-19 21:44 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 14:40 - 2014-08-19 21:44 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-19 21:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 14:34 - 2014-08-19 21:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 14:33 - 2014-08-19 21:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 14:30 - 2014-08-19 21:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-19 21:44 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 14:28 - 2014-08-19 21:44 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:21 - 2014-08-19 21:44 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 14:19 - 2014-08-19 21:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 14:18 - 2014-08-19 21:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 14:17 - 2014-08-19 21:44 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 14:17 - 2014-08-19 21:44 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 14:12 - 2014-08-19 21:44 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 14:10 - 2014-08-19 21:44 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 14:10 - 2014-08-19 21:44 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 14:08 - 2014-08-19 21:44 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-19 21:44 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 13:52 - 2014-08-19 21:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-19 21:44 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-19 21:44 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-19 21:44 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-19 21:44 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 13:39 - 2014-08-19 21:44 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 13:36 - 2014-08-19 21:44 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 13:34 - 2014-08-19 21:44 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-19 21:44 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-19 21:44 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-19 21:44 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 13:07 - 2014-08-19 21:44 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 13:07 - 2014-08-19 21:44 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 13:03 - 2014-08-19 21:44 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 12:52 - 2014-08-19 21:44 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 12:26 - 2014-08-19 21:44 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-19 21:44 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-19 21:44 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-19 21:44 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-19 21:44 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-25 10:06 - 2014-07-25 10:06 - 00000000 ____D () C:\Users\Michael\AppData\Local\{524DF4E6-F594-4222-957A-51E5964C0E9F}
2014-07-25 10:05 - 2012-05-13 15:18 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 10:05 - 2012-05-13 15:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-25 10:05 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-24 10:43 - 2012-05-13 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-22 10:10 - 2014-07-22 10:10 - 00000000 ____D () C:\Users\Michael\AppData\Local\{5B2BCFE3-C266-4AF7-B991-3C2A44E0CFDF}

Some content of TEMP:
====================
C:\Users\Michael\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-17 15:44

==================== End Of Log ============================

Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by Michael at 2014-08-21 01:06:37
Running from C:\Users\Michael\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems)
Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.4.0 - Liteon)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0707.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Connect Add-in (HKCU\...\Adobe Connect Add-in) (Version: - )
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.38 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Avira (HKLM-x32\...\{e67154a7-9cc5-4167-b782-f3982bc6c70d}) (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
Backup Manager Basic (x32 Version: 2.0.0.68 - NewTech Infosystems) Hidden
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2829.50 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.2829.50 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dr Kawashima (HKCU\...\DrKawashima) (Version: 1.0 - )
EaseUS Data Recovery Wizard 6.1 (HKLM-x32\...\EaseUS Data Recovery Wizard 6.1_is1) (Version: - EaseUS)
EASEUS Partition Master 7.0.1 Home Edition (HKLM-x32\...\EASEUS Partition Master Home Edition_is1) (Version: - EASEUS)
EASEUS Todo Backup Home 2.0 (HKLM-x32\...\EASEUS Todo Backup Home 2.0_is1) (Version: 2.0.0.1 - CHENGDU YIWO Tech Development Co., Ltd)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FileZilla Client 3.5.3 (HKLM-x32\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project)
Free Audio Converter version 5.0.45.806 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.45.806 - DVDVideoSoft Ltd.)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
ICQ7.4 (HKLM-x32\...\{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}) (Version: 7.4 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 7.7.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.7.0 - )
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.12 - Acer Inc.)
Logitech Desktop Messenger (HKLM-x32\...\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}) (Version: 2.52.18 - Logitech, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2000 SR-1 Professional (HKLM-x32\...\{00010407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office FrontPage 2003 (HKLM-x32\...\{90170407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word 2000 (HKLM-x32\...\{00170407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8928 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.8928 - NTI Corporation) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5903 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation)
ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.5.9060 - ooVoo LLC.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
WEKA Media GmbH & Co.KG Technische Hilfeleistung 4.0 (HKLM-x32\...\WEKA Media GmbH & Co.KG Technische Hilfeleistung 4.0) (Version: - )
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3002 - Acer Incorporated)
Winamp (HKLM-x32\...\Winamp) (Version: 5.623 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {C70325C1-6345-42AF-A8DF-CF21A9CCFC05} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)

==================== Loaded Modules (whitelisted) =============
2011-10-05 03:26 - 2010-06-17 21:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2011-07-14 21:23 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2011-02-08 21:29 - 2011-01-22 16:57 - 00050056 _____ () C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\CodeLog.dll
2011-02-08 21:30 - 2008-11-25 18:18 - 01291264 _____ () C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\libxml2.dll
2011-02-08 21:30 - 2004-10-05 04:08 - 00055808 _____ () C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\zlib1.dll
2010-06-28 15:20 - 2010-06-28 15:20 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-06-28 15:12 - 2010-06-28 15:12 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2014-08-04 14:20 - 2014-08-04 14:20 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-04 14:20 - 2014-08-04 14:20 - 00067832 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2010-07-25 08:10 - 2009-05-20 08:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2014-08-04 10:30 - 2014-08-04 14:20 - 00052472 _____ () C:\Users\Michael\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-08-13 12:42 - 2014-08-13 12:42 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\e28fdf645d0ce4b58b0ee3352e1de34c\IsdiInterop.ni.dll
2010-07-13 13:32 - 2010-04-13 18:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (08/20/2014 09:56:34 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/20/2014 09:56:29 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/20/2014 09:56:27 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/20/2014 09:56:19 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/20/2014 08:09:54 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/20/2014 07:46:31 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\servicing\TrustedInstaller.exe; Beschreibung = Windows Modules Installer; Fehler = 0x80070422).

Error: (08/20/2014 06:19:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: WININET.dll, Version: 11.0.9600.17239, Zeitstempel: 0x53d236b8 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000001629d4 ID des fehlerhaften Prozesses: 0x1280 Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0 Pfad der fehlerhaften Anwendung: Explorer.EXE1 Pfad des fehlerhaften Moduls: Explorer.EXE2 Berichtskennung: Explorer.EXE3

Error: (08/20/2014 02:19:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24 Ausnahmecode: 0xc0000022 Fehleroffset: 0x00000000000cd7e8 ID des fehlerhaften Prozesses: 0xbb4 Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0 Pfad der fehlerhaften Anwendung: Explorer.EXE1 Pfad des fehlerhaften Moduls: Explorer.EXE2 Berichtskennung: Explorer.EXE3

Error: (08/20/2014 01:34:20 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).

Error: (08/20/2014 11:14:34 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).

System errors:
=============
Error: (08/20/2014 08:47:01 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (08/20/2014 10:01:44 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (08/19/2014 03:50:54 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.

Error: (08/18/2014 01:03:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht.

Error: (08/17/2014 09:21:46 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (08/17/2014 08:33:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht.

Error: (08/17/2014 08:28:12 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (08/17/2014 08:07:47 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (08/17/2014 08:07:47 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (08/17/2014 08:01:32 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252. Microsoft Office Sessions: ========================= Error: (08/20/2014 09:56:34 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Michael\Downloads\esetsmartinstaller_deu(1).exe Error: (08/20/2014 09:56:29 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Michael\Downloads\esetsmartinstaller_deu(1).exe Error: (08/20/2014 09:56:27 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Michael\Downloads\esetsmartinstaller_deu(1).exe Error: (08/20/2014 09:56:19 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Michael\Downloads\esetsmartinstaller_deu(1).exe Error: (08/20/2014 08:09:54 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: 
C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Michael\Downloads\esetsmartinstaller_deu.exe Error: (08/20/2014 07:46:31 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Windows\servicing\TrustedInstaller.exeWindows Modules Installer0x80070422 Error: (08/20/2014 06:19:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.EXE6.1.7601.175674d672ee4WININET.dll11.0.9600.1723953d236b8c000000500000000001629d4128001cfbc70fe5a9a49C:\Windows\Explorer.EXEC:\Windows\system32\WININET.dllb23afc5b-2885-11e4-935e-88ae1d993dcd Error: (08/20/2014 02:19:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c000002200000000000cd7e8bb401cfbc5df10342d8C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll393aa6f6-2864-11e4-935e-4c0f6e81e274 Error: (08/20/2014 01:34:20 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationGeplanter Prüfpunkt0x80070422 Error: (08/20/2014 11:14:34 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationGeplanter Prüfpunkt0x80070422 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz Percentage of memory in use: 53% Total physical RAM: 3958.71 MB Available physical RAM: 1834.02 MB Total Pagefile: 7917.42 MB Available Pagefile: 5392.77 MB Total Virtual: 8192 MB Available Virtual: 8191.86 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:141.6 GB) (Free:66.03 GB) NTFS Drive e: (Privates) (Fixed) (Total:73.75 GB) (Free:7.71 GB) NTFS Drive f: 
() (Fixed) (Total:237.3 GB) (Free:19.39 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 5123CE05) Partition 1: (Not Active) - (Size=13 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=141.6 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=311.1 GB) - (Type=OF Extended) ==================== End Of Log ============================
During the first scan with GMER, the whole thing ended in a blue screen after something was found in the iexplore.exe processes. The second scan, without any running iexplore.exe processes, was successful. GMER: Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-08-21 01:45:11 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.PB4O 465,76GB Running: Gmer-19357.exe; Driver: C:\Users\Michael\AppData\Local\Temp\kxliifow.sys ---- User code sections - GMER 2.1 ---- .text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[832] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076ce1465 2 bytes [CE, 76] .text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[832] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076ce14bb 2 bytes [CE, 76] .text ... * 2 .text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1208] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076ce1465 2 bytes [CE, 76] .text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1208] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076ce14bb 2 bytes [CE, 76] .text ... * 2 .text C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[3260] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076ce1465 2 bytes [CE, 76] .text C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[3260] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076ce14bb 2 bytes [CE, 76] .text ... * 2 .text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[3440] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000076ce1465 2 bytes [CE, 76] .text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[3440] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000076ce14bb 2 bytes [CE, 76] .text ... 
* 2 .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[932] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076ce1465 2 bytes [CE, 76] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[932] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076ce14bb 2 bytes [CE, 76] .text ... * 2 ---- Threads - GMER 2.1 ---- Thread [1580:1596] 0000000076307587 Thread [1580:1624] 0000000074cabfb4 Thread [1580:1672] 0000000074cabfb4 Thread [1580:1676] 0000000074cabfb4 Thread [1580:1680] 0000000074cabfb4 Thread [1580:1724] 0000000072d032fb Thread [1580:1864] 0000000077512e65 Thread [1580:3860] 0000000077513e85 Thread C:\Windows\Explorer.EXE [2284:3140] 00000000045118e0 ---- EOF - GMER 2.1 ---- |
21.08.2014, 06:33 | #2 |
/// the machine /// TB-Ausbilder | Hi,
Scan with Combofix
__________________ |
21.08.2014, 12:48 | #3 |
| Thank you very much for the quick reply!
I ran Combofix.exe. However, Avira, although disabled, blocked an access to the registry during the run. Does it make sense to make a second attempt, or is it sufficient anyway? So here is the ComboFix.txt: Code:
ATTFilter ComboFix 14-08-19.01 - Michael 21.08.2014 12:46:21.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3959.2465 [GMT 2:00] ausgeführt von:: c:\users\Michael\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859} SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Michael\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll c:\windows\IsUn0407.exe c:\windows\wininit.ini . . ((((((((((((((((((((((( Dateien erstellt von 2014-07-21 bis 2014-08-21 )))))))))))))))))))))))))))))) . . 2014-08-20 19:19 . 2014-08-20 23:07 -------- d-----w- C:\FRST 2014-08-20 09:36 . 2014-08-20 09:38 -------- d-----w- C:\LogFiles 2014-08-20 09:36 . 2014-08-20 09:36 46873 ----a-w- c:\windows\SysWow64\unil.exe 2014-08-20 09:36 . 2014-08-20 09:36 -------- d-----w- C:\Michael 2014-08-19 19:45 . 2014-08-07 08:59 11319200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3F54FDB5-06F7-46DF-B80A-0487B4AED751}\mpengine.dll 2014-08-17 20:20 . 2014-08-17 20:20 -------- d-----w- c:\program files (x86)\ESET 2014-08-17 19:30 . 2014-08-19 09:56 -------- d-----w- c:\users\Michael\AppData\Roaming\QuickScan 2014-08-13 08:51 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll 2014-08-13 08:51 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe 2014-08-13 08:51 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll 2014-08-13 08:51 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe 2014-08-13 08:51 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll 2014-08-13 08:51 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll 2014-08-13 08:50 . 
2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe 2014-08-13 08:50 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe 2014-08-13 08:48 . 2014-06-16 02:10 985536 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2014-08-13 08:47 . 2014-08-07 02:06 529920 ----a-w- c:\windows\system32\aepdu.dll 2014-08-13 08:47 . 2014-08-07 02:01 424448 ----a-w- c:\windows\system32\aeinv.dll 2014-08-12 18:24 . 2014-08-12 18:25 -------- d-----w- c:\program files (x86)\DVDVideoSoft 2014-08-12 18:24 . 2014-08-12 18:24 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft 2014-08-12 18:23 . 2014-08-12 18:24 -------- d-----w- c:\users\Michael\AppData\Roaming\DVDVideoSoft 2014-08-11 09:20 . 2014-08-11 09:20 -------- d-----w- c:\program files (x86)\Common Files\Java 2014-08-11 09:20 . 2014-08-11 09:20 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2014-08-08 08:24 . 2014-08-08 08:24 -------- d-----w- c:\program files (x86)\Common Files\Skype 2014-08-04 08:30 . 2014-08-18 13:10 -------- d-----w- c:\programdata\Package Cache 2014-08-01 09:43 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll 2014-08-01 09:43 . 2014-05-14 16:23 58336 ----a-w- c:\windows\system32\wuauclt.exe 2014-08-01 09:43 . 2014-05-14 16:23 2477536 ----a-w- c:\windows\system32\wuaueng.dll 2014-08-01 09:43 . 2014-05-14 16:21 2620928 ----a-w- c:\windows\system32\wucltux.dll 2014-08-01 09:43 . 2014-05-14 16:23 38880 ----a-w- c:\windows\system32\wups.dll 2014-08-01 09:43 . 2014-05-14 16:23 36320 ----a-w- c:\windows\SysWow64\wups.dll 2014-08-01 09:43 . 2014-05-14 16:23 700384 ----a-w- c:\windows\system32\wuapi.dll 2014-08-01 09:43 . 2014-05-14 16:23 581600 ----a-w- c:\windows\SysWow64\wuapi.dll 2014-08-01 09:43 . 2014-05-14 16:20 97792 ----a-w- c:\windows\system32\wudriver.dll 2014-08-01 09:43 . 2014-05-14 16:17 92672 ----a-w- c:\windows\SysWow64\wudriver.dll 2014-08-01 09:42 . 2014-05-14 07:23 198600 ----a-w- c:\windows\system32\wuwebv.dll 2014-08-01 09:42 . 
2014-05-14 07:23 179656 ----a-w- c:\windows\SysWow64\wuwebv.dll 2014-08-01 09:42 . 2014-05-14 07:20 36864 ----a-w- c:\windows\system32\wuapp.exe 2014-08-01 09:42 . 2014-05-14 07:17 33792 ----a-w- c:\windows\SysWow64\wuapp.exe . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-08-17 18:31 . 2011-03-28 16:36 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2014-08-14 08:39 . 2012-04-03 08:00 699568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-08-14 08:39 . 2011-06-01 22:20 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-08-13 08:55 . 2011-02-08 14:51 99218768 ----a-w- c:\windows\system32\MRT.exe 2014-08-05 07:20 . 2013-05-19 21:20 270496 ------w- c:\windows\system32\MpSigStub.exe 2014-07-17 12:13 . 2013-08-05 16:07 42040 ----a-w- c:\windows\system32\drivers\avnetflt.sys 2014-07-03 15:02 . 2013-08-05 16:04 117712 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2014-06-18 02:18 . 2014-07-10 09:07 692736 ----a-w- c:\windows\system32\osk.exe 2014-06-18 01:51 . 2014-07-10 09:07 646144 ----a-w- c:\windows\SysWow64\osk.exe 2014-06-18 01:10 . 2014-07-10 09:07 3157504 ----a-w- c:\windows\system32\win32k.sys 2014-06-06 10:10 . 2014-07-10 09:06 624128 ----a-w- c:\windows\system32\qedit.dll 2014-06-06 09:44 . 2014-07-10 09:06 509440 ----a-w- c:\windows\SysWow64\qedit.dll 2014-06-05 14:45 . 2014-07-10 09:07 1460736 ----a-w- c:\windows\system32\lsasrv.dll 2014-06-05 14:26 . 2014-07-10 09:07 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2014-06-05 14:25 . 2014-07-10 09:07 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2014-05-30 08:08 . 2014-07-10 09:06 210944 ----a-w- c:\windows\system32\wdigest.dll 2014-05-30 08:08 . 2014-07-10 09:06 86528 ----a-w- c:\windows\system32\TSpkg.dll 2014-05-30 08:08 . 2014-07-10 09:06 340992 ----a-w- c:\windows\system32\schannel.dll 2014-05-30 08:08 . 
2014-07-10 09:06 314880 ----a-w- c:\windows\system32\msv1_0.dll 2014-05-30 08:08 . 2014-07-10 09:06 307200 ----a-w- c:\windows\system32\ncrypt.dll 2014-05-30 08:08 . 2014-07-10 09:06 728064 ----a-w- c:\windows\system32\kerberos.dll 2014-05-30 08:08 . 2014-07-10 09:06 22016 ----a-w- c:\windows\system32\credssp.dll 2014-05-30 07:52 . 2014-07-10 09:06 172032 ----a-w- c:\windows\SysWow64\wdigest.dll 2014-05-30 07:52 . 2014-07-10 09:06 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll 2014-05-30 07:52 . 2014-07-10 09:06 247808 ----a-w- c:\windows\SysWow64\schannel.dll 2014-05-30 07:52 . 2014-07-10 09:06 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll 2014-05-30 07:52 . 2014-07-10 09:06 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll 2014-05-30 07:52 . 2014-07-10 09:06 550912 ----a-w- c:\windows\SysWow64\kerberos.dll 2014-05-30 07:52 . 2014-07-10 09:06 17408 ----a-w- c:\windows\SysWow64\credssp.dll 2014-05-30 06:45 . 2014-07-10 09:06 497152 ----a-w- c:\windows\system32\drivers\afd.sys . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696] "BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-06-22 968272] "EaseUs Watch"="c:\program files (x86)\EASEUS\Todo Backup 2.0\bin\EuWatch.exe" [2011-01-22 69000] "LVCOMS"="c:\program files (x86)\Common Files\Logitech\QCDriver3\LVCOMS.EXE" [2002-12-10 127022] "FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2011-02-23 371200] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-08-04 751184] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896] "Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-08-04 161584] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="userinit.exe" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 EASEUS Agent;EASEUS Agent;c:\program files (x86)\EASEUS\Todo Backup 2.0\bin\Agent.exe;c:\program files (x86)\EASEUS\Todo Backup 2.0\bin\Agent.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x] R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\DRIVERS\massfilter.sys;c:\windows\SYSNATIVE\DRIVERS\massfilter.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ZTEusbnet.sys [x] R3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\DRIVERS\ZTEusbvoice.sys;c:\windows\SYSNATIVE\DRIVERS\ZTEusbvoice.sys [x] S0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubakup.sys;c:\windows\SYSNATIVE\drivers\eubakup.sys [x] S0 EUFS;EUFS;c:\windows\system32\drivers\eufs.sys;c:\windows\SYSNATIVE\drivers\eufs.sys [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S1 
EUDSKACS;EUDSKACS;c:\windows\system32\drivers\eudskacs.sys;c:\windows\SYSNATIVE\drivers\eudskacs.sys [x] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x] S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x] S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x] S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x] S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x] S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x] S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x] S3 EuDisk;EASEUS Disk Enumerator;c:\windows\system32\DRIVERS\EuDisk.sys;c:\windows\SYSNATIVE\DRIVERS\EuDisk.sys [x] S3 HECIx64;Intel(R) Management Engine 
Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x] S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x] . . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552] "Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216] . ------- Zusätzlicher Suchlauf ------- . uStart Page = about:Tabs uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe TCP: DhcpNameServer = 192.168.3.1 FF - ProfilePath - c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\8ndo486f.default\ FF - prefs.js: browser.startup.homepage - about:home . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Toolbar-Locked - (no file) Wow6432Node-HKLM-Run-Freecorder FLV Service - c:\program files (x86)\Freecorder\FLVSrvc.exe HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start BHO-{41564952-412D-5637-00A7-7A786E7484D7} - (no file) Toolbar-Locked - (no file) WebBrowser-{1392B8D2-5C05-419F-A8F6-B9F15A596612} - (no file) HKLM-Run-mwlDaemon - c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-WEKA Media GmbH & Co.KG Technische Hilfeleistung 4.0 - c:\windows\IsUn0407.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-1188316696-1463214734-3367143495-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . 
[HKEY_USERS\S-1-5-21-1188316696-1463214734-3367143495-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_38_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_38_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_38_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_38_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe . ************************************************************************** . Zeit der Fertigstellung: 2014-08-21 13:08:08 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2014-08-21 11:08 . Vor Suchlauf: 11 Verzeichnis(se), 70.340.243.456 Bytes frei Nach Suchlauf: 18 Verzeichnis(se), 70.170.587.136 Bytes frei . 
- - End Of File - - 2378E7E87F4F7F3E42494D9B3798A0F6 |
22.08.2014, 13:15 | #4 |
/// the machine /// TB-Ausbilder | Please download Malwarebytes Anti-Malware.
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
23.08.2014, 01:26 | #5 |
| I ran MBAM, AdwCleaner, JRT and FRST. With JRT, the "scan" took only about 30 seconds. Then the window closed without creating a log file. A search for jrt.txt on the system also turned up nothing. Unfortunately, the measures do not seem to have been successful. iexplore.exe is currently happily loading away in the background again ... Here are the log files: MBAM: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 23.08.2014 Suchlauf-Zeit: 00:41:13 Logdatei: mbam.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.08.22.10 Rootkit Datenbank: v2014.08.21.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Michael Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 355569 Verstrichene Zeit: 17 Min, 33 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 1 PUP.Optional.PriceGong.A, HKU\S-1-5-21-1188316696-1463214734-3367143495-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, Löschen bei Neustart, [aff30bbe4536999dc336b6595fa4926e], Registrierungswerte: 1 Trojan.Agent.EV, HKU\S-1-5-21-1188316696-1463214734-3367143495-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\CONTROL PANEL\DESKTOP|SCRNSAVE.EXE, "C:\Users\Michael\AppData\Roaming\Microsoft\Windows\IEUpdate\eventvwr.exe", Löschen bei Neustart, [bbe756732853ae88502c994d34ce1de3] Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) Code:
# AdwCleaner v3.308 - Bericht erstellt am 23/08/2014 um 01:37:15
# Aktualisiert 20/08/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Michael - MICHAEL-PC
# Gestartet von : C:\Users\Michael\Desktop\adwcleaner_3.308.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Michael\AppData\LocalLow\Conduit
Datei Gelöscht : C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\8ndo486f.default\foxydeal.sqlite
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\user.js

***** [ Tasks ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT1060933
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7854F00C-DC77-477E-A10E-603F48442D3B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Schlüssel Gelöscht : HKCU\Software\Ask&Record
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17239

-\\ Mozilla Firefox v31.0 (x86 de)

[ Datei : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\27jrkq47.default\prefs.js ]

[ Datei : C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\4wtlmk83.Michael\prefs.js ]

[ Datei : C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\8ndo486f.default\prefs.js ]

Zeile gelöscht : user_pref("CT1060933.1000082.isPlayDisplay", "true");
Zeile gelöscht : user_pref("CT1060933.1000082.state", "{\"state\":\"stopped\",\"text\":\"KFOG\",\"description\":\"KFOG\",\"url\":\"hxxp://live.cumulusstreaming.com/KFOG-FM\"}");
Zeile gelöscht : user_pref("CT1060933.129677514212584059.APP_WIN_FEATURES", "resizable=no,scrollbars=no,titlebar=no,openposition=alignment:B,savelocation=0,closebutton=1,saveresizedsize=0");
Zeile gelöscht : user_pref("CT1060933.129686665230467549.APP_WIN_FEATURES", "resizable=no,hscroll=no,vscroll=no,savelocation=no,saveresizedsize=no,closebutton=no,openposition=center");
Zeile gelöscht : user_pref("CT1060933.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT1060933.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT1060933.FirstTime", "true");
Zeile gelöscht : user_pref("CT1060933.FirstTimeFF3", "true");
Zeile gelöscht : user_pref("CT1060933.PrintItGreenStatus", "true");
Zeile gelöscht : user_pref("CT1060933.UserID", "UN98673439757755773");
Zeile gelöscht : user_pref("CT1060933.addressBarTakeOverEnabledInHidden", "true");
Zeile gelöscht : user_pref("CT1060933.autoDisableScopes", -1);
Zeile gelöscht : user_pref("CT1060933.autocompletepro_enable", "1");
Zeile gelöscht : user_pref("CT1060933.autocompletepro_enable_auto", "1");
Zeile gelöscht : user_pref("CT1060933.browser.search.defaultthis.engineName", true);
Zeile gelöscht : user_pref("CT1060933.defaultSearch", "true");
Zeile gelöscht : user_pref("CT1060933.embeddedsData", "[{\"appId\":\"128280995260143876\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Zeile gelöscht : user_pref("CT1060933.enableAlerts", "false");
Zeile gelöscht : user_pref("CT1060933.enableSearchFromAddressBar", "true");
Zeile gelöscht : user_pref("CT1060933.firstTimeDialogOpened", "true");
Zeile gelöscht : user_pref("CT1060933.fixPageNotFoundError", "true");
Zeile gelöscht : user_pref("CT1060933.fixPageNotFoundErrorInHidden", "true");
Zeile gelöscht : user_pref("CT1060933.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT1060933.isNewTabEnabled", false);
Zeile gelöscht : user_pref("CT1060933.isPerformedSmartBarTransition", "true");
Zeile gelöscht : user_pref("CT1060933.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gelöscht : user_pref("CT1060933.keyword", true);
Zeile gelöscht : user_pref("CT1060933.openThankYouPage", "false");
Zeile gelöscht : user_pref("CT1060933.openUninstallPage", "true");
Zeile gelöscht : user_pref("CT1060933.search.searchAppId", "128280995260143876");
Zeile gelöscht : user_pref("CT1060933.search.searchCount", "0");
Zeile gelöscht : user_pref("CT1060933.searchInNewTabEnabled", "false");
Zeile gelöscht : user_pref("CT1060933.searchInNewTabEnabledInHidden", "true");
Zeile gelöscht : user_pref("CT1060933.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT1060933.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT1060933.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Zeile gelöscht : user_pref("CT1060933.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT1060933\"}");
Zeile gelöscht : user_pref("CT1060933.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT1060933.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Zeile gelöscht : user_pref("CT1060933.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1339669060832");
Zeile gelöscht : user_pref("CT1060933.serviceLayer_services_appTracking_lastUpdate", "1339669086157");
Zeile gelöscht : user_pref("CT1060933.serviceLayer_services_appsMetadata_lastUpdate", "1339669060688");
Zeile gelöscht : user_pref("CT1060933.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1339669060612");
Zeile gelöscht : user_pref("CT1060933.serviceLayer_services_login_10.10.2.10_lastUpdate", "1340041305839");
Zeile gelöscht : user_pref("CT1060933.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1339669060653");
Zeile gelöscht : user_pref("CT1060933.serviceLayer_services_searchAPI_lastUpdate", "1339669060273");
Zeile gelöscht : user_pref("CT1060933.serviceLayer_services_serviceMap_lastUpdate", "1340020524805");
Zeile gelöscht : user_pref("CT1060933.serviceLayer_services_toolbarContextMenu_lastUpdate", "1339669060561");
Zeile gelöscht : user_pref("CT1060933.serviceLayer_services_toolbarSettings_lastUpdate", "1340041303735");
Zeile gelöscht : user_pref("CT1060933.serviceLayer_services_translation_lastUpdate", "1340020525487");
Zeile gelöscht : user_pref("CT1060933.settingsINI", true);
Zeile gelöscht : user_pref("CT1060933.shouldFirstTimeDialog", "false");
Zeile gelöscht : user_pref("CT1060933.smartbar.CTID", "CT1060933");
Zeile gelöscht : user_pref("CT1060933.smartbar.Uninstall", "0");
Zeile gelöscht : user_pref("CT1060933.smartbar.homepage", true);
Zeile gelöscht : user_pref("CT1060933.smartbar.isHidden", true);
Zeile gelöscht : user_pref("CT1060933.startPage", "userChanged");
Zeile gelöscht : user_pref("CT1060933.toolbarBornServerTime", "14-6-2012");
Zeile gelöscht : user_pref("CT1060933.toolbarCurrentServerTime", "18-6-2012");
Zeile gelöscht : user_pref("Smartbar.keywordURLSelectedCTID", "CT1060933");

[ Datei : C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\u6ivp59k.Neu\prefs.js ]

*************************

AdwCleaner[R2].txt - [9085 octets] - [23/08/2014 01:32:54]
AdwCleaner[S0].txt - [8899 octets] - [23/08/2014 01:37:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8959 octets] ##########

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by Michael (administrator) on MICHAEL-PC on 23-08-2014 01:53:43
Running from C:\Users\Michael\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\Agent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\EuWatch.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\Logitech\QCDriver3\LVComS.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-28] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [968272 2010-06-22] (Dritek System Inc.)
HKLM-x32\...\Run: [EaseUs Watch] => C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\EuWatch.exe [69000 2011-01-22] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [LVCOMS] => C:\Program Files (x86)\Common Files\Logitech\QCDriver3\LVCOMS.EXE [127022 2002-12-10] (Logitech Inc.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)

==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
BHO: No Name -> {41564952-412D-5637-00A7-7A786E7484D7} -> No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No File
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File

FireFox:
========
FF ProfilePath: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\8ndo486f.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\8ndo486f.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\8ndo486f.default\Extensions\abs@avira.com [2014-08-19]
FF Extension: DownloadHelper - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\8ndo486f.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-08-08]

Chrome:
=======

==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 EASEUS Agent; C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\Agent.exe [55688 2011-01-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]

==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2010-07-15] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2010-07-15] () [File not signed]
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [36232 2011-01-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R3 EuDisk; C:\Windows\System32\DRIVERS\EuDisk.sys [193416 2011-01-22] (CHENGDU YIWO Tech Development Co., Ltd)
R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [17800 2011-01-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 EUFS; C:\Windows\System32\drivers\eufs.sys [26504 2011-01-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2010-07-15] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2010-07-15] () [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]

==================== NetSvcs (Whitelisted) ===================
(If an item is
included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-23 01:53 - 2014-08-23 01:54 - 00014785 _____ () C:\Users\Michael\Desktop\FRST.txt 2014-08-23 01:44 - 2014-08-23 01:44 - 00000000 ____D () C:\Windows\ERUNT 2014-08-23 01:32 - 2014-08-23 01:37 - 00000000 ____D () C:\AdwCleaner 2014-08-23 01:01 - 2014-08-23 01:07 - 00001596 _____ () C:\Users\Michael\Desktop\mbam.txt 2014-08-23 00:39 - 2014-08-23 01:13 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-23 00:39 - 2014-08-23 00:39 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-23 00:39 - 2014-08-23 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-23 00:39 - 2014-08-23 00:39 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-23 00:39 - 2014-08-23 00:39 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-23 00:39 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-08-23 00:39 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-08-23 00:39 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-08-22 14:32 - 2014-08-22 14:32 - 01364531 _____ () C:\Users\Michael\Desktop\adwcleaner_3.308.exe 2014-08-22 14:32 - 2014-08-22 14:32 - 01016261 _____ (Thisisu) C:\Users\Michael\Desktop\JRT.exe 2014-08-22 14:27 - 2014-08-22 14:27 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Michael\Desktop\mbam-setup-2.0.2.1012.exe 2014-08-22 10:42 - 2014-08-22 10:42 - 00000000 ____D () C:\Users\Michael\AppData\Local\{84B2BD56-FBBB-41EE-AC4E-C7E2FB21D627} 2014-08-22 10:38 - 2014-08-22 
10:38 - 00000000 ____D () C:\Users\Michael\AppData\Local\{10ABC367-1C41-4F2A-AFB7-D35A242592E0} 2014-08-21 12:45 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-08-21 12:45 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-08-21 12:45 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-08-21 12:45 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-08-21 12:45 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-08-21 12:45 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-08-21 12:45 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-08-21 12:45 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-08-21 12:44 - 2014-08-21 13:08 - 00000000 ____D () C:\Qoobox 2014-08-21 12:44 - 2014-08-21 13:06 - 00000000 ____D () C:\Windows\erdnt 2014-08-21 11:32 - 2014-08-21 11:32 - 00000000 ____D () C:\Users\Michael\AppData\Local\{F5AD1383-6808-4242-90EB-8565D83E6426} 2014-08-21 01:30 - 2014-08-21 01:30 - 00000000 ____D () C:\Users\Michael\AppData\Local\{9E9223FE-F6FB-4A0E-AD38-B3FB7F54EB42} 2014-08-21 01:22 - 2014-08-21 01:22 - 00291864 _____ () C:\Windows\Minidump\082114-25537-01.dmp 2014-08-20 21:55 - 2014-08-20 21:56 - 02347384 _____ (ESET) C:\Users\Michael\Downloads\esetsmartinstaller_deu(1).exe 2014-08-20 21:19 - 2014-08-23 01:53 - 00000000 ____D () C:\FRST 2014-08-20 21:17 - 2014-08-20 21:17 - 00000000 _____ () C:\Users\Michael\defogger_reenable 2014-08-20 20:50 - 2014-08-20 20:50 - 00000000 ____D () C:\Users\Michael\AppData\Local\{3D2DD5FB-6969-4999-B157-B2A43AC4ECE1} 2014-08-20 20:24 - 2014-08-23 01:52 - 00000000 ____D () C:\Users\Michael\Desktop\System-Säuberung 2014-08-20 20:21 - 2014-08-20 20:21 - 02101760 _____ (Farbar) C:\Users\Michael\Desktop\FRST64.exe 2014-08-20 11:36 - 2014-08-20 11:36 - 00046873 _____ () C:\Windows\SysWOW64\unil.exe 2014-08-20 11:36 - 2014-08-20 11:36 - 00000000 ____D () C:\Michael 2014-08-19 21:44 - 2014-08-01 01:41 - 
00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-19 21:44 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-19 21:44 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-19 21:44 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-19 21:44 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-19 21:44 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-19 21:44 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-19 21:44 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-19 21:44 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-19 21:44 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-19 21:44 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-19 21:44 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-19 21:44 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-19 21:44 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-19 21:44 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-19 21:44 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-19 21:44 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-19 21:44 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-19 21:44 - 2014-07-25 14:47 - 00940032 
_____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-19 21:44 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-19 21:44 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-19 21:44 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-19 21:44 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-19 21:44 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-19 21:44 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-19 21:44 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-19 21:44 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-19 21:44 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-19 21:44 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-19 21:44 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-19 21:44 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-19 21:44 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-19 21:44 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-19 21:44 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-19 21:44 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-19 21:44 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-19 21:44 - 2014-07-25 
==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)
(Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-25 16:02 - 2014-08-19 21:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-25 16:01 - 2014-08-19 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-25 15:51 - 2014-08-19 21:44 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-25 15:30 - 2014-08-19 21:44 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-25 15:28 - 2014-08-19 21:44 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-25 15:28 - 2014-08-19 21:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-25 15:25 - 2014-08-19 21:44 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-25 15:25 - 2014-08-19 21:44 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-25 15:11 - 2014-08-19 21:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-25 15:10 - 2014-08-19 21:44 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-25 15:04 - 2014-08-19 21:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-25 15:03 - 2014-08-19 21:44 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-25 15:00 - 2014-08-19 21:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-25 15:00 - 2014-08-19 21:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-25 14:59 - 2014-08-19 21:44 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-25 14:47 - 2014-08-19 21:44 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-25 14:40 - 2014-08-19 21:44 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-25 14:34 - 2014-08-19 21:44 - 00455168 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-25 14:34 - 2014-08-19 21:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-25 14:33 - 2014-08-19 21:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-25 14:30 - 2014-08-19 21:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-25 14:28 - 2014-08-19 21:44 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-25 14:28 - 2014-08-19 21:44 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-25 14:21 - 2014-08-19 21:44 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-25 14:19 - 2014-08-19 21:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-25 14:18 - 2014-08-19 21:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-25 14:17 - 2014-08-19 21:44 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-25 14:17 - 2014-08-19 21:44 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-25 14:12 - 2014-08-19 21:44 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-25 14:10 - 2014-08-19 21:44 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-25 14:10 - 2014-08-19 21:44 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-25 14:08 - 2014-08-19 21:44 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-25 14:06 - 2014-08-19 21:44 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-25 13:52 - 2014-08-19 21:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-25 13:47 - 2014-08-19 21:44 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-25 13:43 - 2014-08-19 21:44 - 00060416 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-25 13:42 - 2014-08-19 21:44 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-25 13:39 - 2014-08-19 21:44 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-25 13:39 - 2014-08-19 21:44 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-25 13:36 - 2014-08-19 21:44 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-25 13:34 - 2014-08-19 21:44 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-25 13:29 - 2014-08-19 21:44 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-25 13:23 - 2014-08-19 21:44 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-25 13:13 - 2014-08-19 21:44 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-25 13:07 - 2014-08-19 21:44 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-25 13:07 - 2014-08-19 21:44 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-25 13:03 - 2014-08-19 21:44 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-25 12:52 - 2014-08-19 21:44 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-25 12:26 - 2014-08-19 21:44 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-25 12:17 - 2014-08-19 21:44 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-25 12:09 - 2014-08-19 21:44 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-25 12:05 - 2014-08-19 21:44 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-25 12:00 - 2014-08-19 21:44 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-25 10:06 - 2014-07-25 10:06 - 00000000 ____D () 
C:\Users\Michael\AppData\Local\{524DF4E6-F594-4222-957A-51E5964C0E9F}
2014-07-25 10:05 - 2012-05-13 15:18 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 10:05 - 2012-05-13 15:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-25 10:05 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-24 10:43 - 2012-05-13 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

Some content of TEMP:
====================
C:\Users\Michael\AppData\Local\Temp\avgnt.exe
C:\Users\Michael\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-17 15:44

==================== End Of Log ============================

Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by Michael at 2014-08-23 01:55:11
Running from C:\Users\Michael\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems)
Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.4.0 - Liteon)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0707.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.)
Hidden Adobe Connect Add-in (HKCU\...\Adobe Connect Add-in) (Version: - ) Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.38 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated) Adobe Reader X (10.1.4) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.) Avira (HKLM-x32\...\{e67154a7-9cc5-4167-b782-f3982bc6c70d}) (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira) Backup Manager Basic (x32 Version: 2.0.0.68 - NewTech Infosystems) Hidden Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation) CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform) Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2829.50 - CyberLink Corp.) CyberLink PowerDVD 9 (x32 Version: 9.0.2829.50 - CyberLink Corp.) 
Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dr Kawashima (HKCU\...\DrKawashima) (Version: 1.0 - ) EaseUS Data Recovery Wizard 6.1 (HKLM-x32\...\EaseUS Data Recovery Wizard 6.1_is1) (Version: - EaseUS) EASEUS Partition Master 7.0.1 Home Edition (HKLM-x32\...\EASEUS Partition Master Home Edition_is1) (Version: - EASEUS) EASEUS Todo Backup Home 2.0 (HKLM-x32\...\EASEUS Todo Backup Home 2.0_is1) (Version: 2.0.0.1 - CHENGDU YIWO Tech Development Co., Ltd) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) FileZilla Client 3.5.3 (HKLM-x32\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project) Free Audio Converter version 5.0.45.806 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.45.806 - DVDVideoSoft Ltd.) FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - ) GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team) GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.) ICQ7.4 (HKLM-x32\...\{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}) (Version: 7.4 - ICQ) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation) K-Lite Codec Pack 7.7.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.7.0 - ) Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.12 - Acer Inc.) Logitech Desktop Messenger (HKLM-x32\...\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}) (Version: 2.52.18 - Logitech, Inc.) 
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 2000 SR-1 Professional (HKLM-x32\...\{00010407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office FrontPage 2003 (HKLM-x32\...\{90170407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 
9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Word 2000 (HKLM-x32\...\{00170407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation) Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8928 - NTI Corporation) NTI Media Maker 9 (x32 Version: 9.0.2.8928 - NTI Corporation) Hidden NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5903 - NVIDIA Corporation) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden NVIDIA PhysX 
(HKLM-x32\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation) ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.5.9060 - ooVoo LLC.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.) RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - ) Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.) StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - ) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated) VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN) WEKA Media GmbH & Co.KG Technische Hilfeleistung 4.0 (HKLM-x32\...\WEKA Media GmbH & Co.KG Technische Hilfeleistung 4.0) (Version: - ) Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3002 - Acer Incorporated) Winamp (HKLM-x32\...\Winamp) (Version: 5.623 - Nullsoft, Inc) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - 
Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-08-21 12:55 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {C70325C1-6345-42AF-A8DF-CF21A9CCFC05} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)

==================== Loaded Modules (whitelisted) =============

2011-10-05 03:26 - 2010-06-17 21:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-07-14 21:23 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2011-02-08 21:29 - 2011-01-22 16:57 - 00050056 _____ () C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\CodeLog.dll
2011-02-08 21:30 - 2008-11-25 18:18 - 01291264 _____ () C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\libxml2.dll
2011-02-08 21:30 - 2004-10-05 04:08 - 00055808 _____ () C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\zlib1.dll
2010-06-28 15:20 - 2010-06-28 15:20 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-06-28 15:12 - 2010-06-28 15:12 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2014-08-04 14:20 - 2014-08-04 14:20 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-04 14:20 - 2014-08-04 14:20 - 00067832 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2010-07-25 08:10 - 2009-05-20 08:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2014-08-21 14:41 - 2014-08-04 14:20 - 00052472 _____ () C:\Users\Michael\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-08-13 12:42 - 2014-08-13 12:42 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\e28fdf645d0ce4b58b0ee3352e1de34c\IsdiInterop.ni.dll
2010-07-13 13:32 - 2010-04-13 18:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (08/22/2014 00:41:17 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).

Error: (08/22/2014 00:36:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (08/22/2014 00:36:02 PM) (Source: SideBySide) (EventID: 63) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. Error: (08/22/2014 11:56:41 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (08/22/2014 11:56:41 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (08/22/2014 11:54:26 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24 Ausnahmecode: 0xc0000008 Fehleroffset: 0x00000000000cd7e8 ID des fehlerhaften Prozesses: 0x1034 Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0 Pfad der fehlerhaften Anwendung: explorer.exe1 Pfad des fehlerhaften Moduls: explorer.exe2 Berichtskennung: explorer.exe3 Error: (08/22/2014 10:42:40 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Windows Live Sync wird entfernt; Fehler = 0x80070422). Error: (08/22/2014 10:42:38 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Windows Live Sync wird entfernt; Fehler = 0x80070422). 
Error: (08/22/2014 10:40:42 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = WLSetup wird installiert; Fehler = 0x80070422). Error: (08/22/2014 10:40:41 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = WLSetup wird installiert; Fehler = 0x80070422). System errors: ============= Error: (08/21/2014 00:57:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "EASEUS Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/21/2014 00:55:16 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (08/21/2014 00:52:23 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (08/21/2014 00:49:15 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (08/21/2014 00:44:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "EASEUS Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (08/21/2014 02:38:22 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (08/21/2014 01:49:21 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 21.08.2014 um 01:47:37 unerwartet heruntergefahren. Error: (08/21/2014 01:29:15 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht. Error: (08/21/2014 01:26:48 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (08/21/2014 01:26:33 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Microsoft Office Sessions: ========================= Error: (08/22/2014 00:41:17 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationGeplanter Prüfpunkt0x80070422 Error: (08/22/2014 00:36:47 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (08/22/2014 00:36:02 PM) (Source: SideBySide) (EventID: 63) (User: ) Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe 
AIR.dll3 Error: (08/22/2014 11:56:41 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Michael\Downloads\esetsmartinstaller_deu(1).exe Error: (08/22/2014 11:56:41 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Michael\Downloads\esetsmartinstaller_deu.exe Error: (08/22/2014 11:54:26 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: explorer.exe6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c000000800000000000cd7e8103401cfbde3cf51229aC:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dll4cba19c2-29e2-11e4-b3ba-88ae1d993dcd Error: (08/22/2014 10:42:40 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Windows\system32\msiexec.exe /VWindows Live Sync wird entfernt0x80070422 Error: (08/22/2014 10:42:38 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Windows\system32\msiexec.exe /VWindows Live Sync wird entfernt0x80070422 Error: (08/22/2014 10:40:42 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Windows\system32\msiexec.exe /VWLSetup wird installiert0x80070422 Error: (08/22/2014 10:40:41 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Windows\system32\msiexec.exe /VWLSetup wird installiert0x80070422 CodeIntegrity Errors: =================================== Date: 2014-08-21 12:52:23.296 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil 
der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-08-21 12:52:23.031 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz Percentage of memory in use: 35% Total physical RAM: 3958.71 MB Available physical RAM: 2549.3 MB Total Pagefile: 7917.42 MB Available Pagefile: 6374.15 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:141.6 GB) (Free:89.13 GB) NTFS Drive e: (Privates) (Fixed) (Total:73.75 GB) (Free:8.53 GB) NTFS Drive f: () (Fixed) (Total:237.3 GB) (Free:19.08 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 5123CE05) Partition 1: (Not Active) - (Size=13 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=141.6 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=311.1 GB) - (Type=OF Extended) ==================== End Of Log ============================ |
23.08.2014, 20:41 | #6 |
/// the machine /// TB-Ausbilder | Win7: After a careless click on "updateflashplayer.***.exe", iexplore.exe loads by itself
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
25.08.2014, 09:38 | #7 |
| Win7: After a careless click on "updateflashplayer.***.exe", iexplore.exe loads by itself
Hi! Unfortunately, the problem described at the outset still persists. I have never caught anything this persistent before. ... That will be a lesson to me!
As requested, here are the logs from the ESET scanner and SecurityCheck:
Eset Online Scanner: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=10b176bc662c064b91c6f2f0b13d65bc # engine=19703 # end=finished # remove_checked=false # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-08-17 09:58:02 # local_time=2014-08-17 11:58:02 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Avira Desktop' # compatibility_mode=1810 16777213 100 100 21327 152864860 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 11623 159942532 0 0 # scanned=194650 # found=11 # cleaned=0 # scan_time=5108 sh=CCFD5C9F5713B686817AF3643C363D0EB1ED6682 ft=1 fh=e7fb1b62b294b820 vn="Variante von Win32/Kryptik.CJAJ Trojaner" ac=I fn="C:\ProgramData\Windows Genuine Advantage\{208BC3B3-B08D-4418-AD1B-A06C40A99584}\api-ms-win-system-softpub-l1-1-0.dll" sh=475573E400DC9B9C8DBE2B7F11E342CDAF832859 ft=1 fh=077468ab37f52eaf vn="Variante von Win32/Injector.BKBO Trojaner" ac=I fn="C:\ProgramData\Windows Genuine Advantage\{7855ED3E-1275-46B0-BC5E-2EC57BA6A883}\msiexec.exe" sh=A468BFF10D62699A4DA896F5B4E3A1FC42ED4262 ft=1 fh=4574d700c2950790 vn="Variante von Win32/Kryptik.CJAJ Trojaner" ac=I fn="C:\ProgramData\Windows Genuine Advantage\{F434E951-7390-4FBE-AEAD-83B944E39CA3}\api-ms-win-system-dbghelp-l1-1-0.dll" sh=CCFD5C9F5713B686817AF3643C363D0EB1ED6682 ft=1 fh=e7fb1b62b294b820 vn="Variante von Win32/Kryptik.CJAJ Trojaner" ac=I fn="C:\Users\All Users\Windows Genuine Advantage\{208BC3B3-B08D-4418-AD1B-A06C40A99584}\api-ms-win-system-softpub-l1-1-0.dll" sh=475573E400DC9B9C8DBE2B7F11E342CDAF832859 ft=1 fh=077468ab37f52eaf vn="Variante von Win32/Injector.BKBO Trojaner" ac=I fn="C:\Users\All Users\Windows Genuine 
Advantage\{7855ED3E-1275-46B0-BC5E-2EC57BA6A883}\msiexec.exe" sh=A468BFF10D62699A4DA896F5B4E3A1FC42ED4262 ft=1 fh=4574d700c2950790 vn="Variante von Win32/Kryptik.CJAJ Trojaner" ac=I fn="C:\Users\All Users\Windows Genuine Advantage\{F434E951-7390-4FBE-AEAD-83B944E39CA3}\api-ms-win-system-dbghelp-l1-1-0.dll" sh=2FD6FDE8B9EBF9B2F8166F7C22471FA89DC27E57 ft=1 fh=be959ac7a84195e9 vn="Variante von Win32/Kryptik.CJAJ Trojaner" ac=I fn="C:\Users\Michael\AppData\Local\Temp\0seG.dll" sh=2FD6FDE8B9EBF9B2F8166F7C22471FA89DC27E57 ft=1 fh=be959ac7a84195e9 vn="Variante von Win32/Kryptik.CJAJ Trojaner" ac=I fn="C:\Users\Michael\AppData\Local\Temp\oNkx.dll" sh=31363DCA18AABCEBAAE3DCD2742DBCE3356E0840 ft=1 fh=7dcb7c7c51b88583 vn="Variante von Win32/Complitly.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Templates\FCTBSetup.exe" sh=4AF3EBD6F402E5AE4BE393D8C30AFC6BE623B96E ft=1 fh=9ae7f7a162c84dc9 vn="Variante von Win32/InstallShare.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\Downloads\FCTBSetup.exe" sh=52F814443453A0453C2FE9D88A881514EEF299A0 ft=1 fh=a4842f99aaa50cda vn="Win32/Toolbar.SearchSuite evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Michael\Downloads\iLividSetup.exe" ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=10b176bc662c064b91c6f2f0b13d65bc # engine=19712 # end=finished # remove_checked=false # archives_checked=false # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2014-08-18 02:43:07 # local_time=2014-08-18 04:43:07 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Avira Desktop' # compatibility_mode=1810 16777213 100 100 20193 152925165 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 7307 160002837 0 0 # scanned=185701 # found=19 # cleaned=0 # scan_time=5155 sh=CF92EF99DF15AB14921C67AAB06FB54EB233D5CF ft=1 fh=9f7e8407bea4283c vn="Variante von Win32/Bundled.Toolbar.Ask.E potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe" sh=4B553651EF610C0614F8393D6C25ABA0A8F09ECA ft=1 fh=92ef1bb072edf568 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\offercast_avirav7_.exe" sh=D1D84E78302885295C3EC173CF25B20794123E7F ft=1 fh=62ab64a2f36b7f02 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\ICQ7.4\upgrade\2dcd1d63cb45e6613582211c3d5f4b23" sh=44B1CB2BCCE1BD052FBE05907F4451E1752BC085 ft=1 fh=4ff293b6f57e565a vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\ICQ7.4\upgrade\53e83dd5315bfb1f928441c9b4618b68" sh=31363DCA18AABCEBAAE3DCD2742DBCE3356E0840 ft=1 fh=7dcb7c7c51b88583 vn="Variante von Win32/Complitly.A evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Templates\FCTBSetup.exe" sh=0F97FB08E6FC4500F86E64D3285C171C6462BD61 ft=1 fh=acbbffe185c36761 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Michael\Downloads\ccsetup410.exe" sh=9AA5E59F80A95BDFC48FBB4DC9F4B7212749E67D ft=1 fh=2fe225811afcde6b vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Michael\Downloads\ccsetup416.exe" sh=4AF3EBD6F402E5AE4BE393D8C30AFC6BE623B96E ft=1 fh=9ae7f7a162c84dc9 vn="Variante von Win32/InstallShare.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\Downloads\FCTBSetup.exe" sh=F28351CAB19BE1A2F8C60F1A2B9BB3C66BD2D774 ft=1 fh=8e32188fc77b1688 vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\Users\Michael\Downloads\FreeAudioConverter-5.0.45.806.exe" sh=33F04429D65D2B254BBBDBB9E480BE4EB2F719E5 ft=1 fh=666b4b7ce1b684c0 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Michael\Downloads\OrbitDownloaderSetup4111.exe" sh=44A7AE70AA7AC181E962591F263CFA55C823B4FC ft=1 fh=cf972a16567b49c6 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Michael\Downloads\Shockwave_Installer_Slim.exe" sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\Adobe\Shockwave 12\gt.exe" sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ApnIC[1].0" sh=E32AA2E78D2C8F0E9316080E71A714BEFE851E6C ft=1 fh=374915f71a49693e vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet 
Files\Content.IE5\0PS72R2M\ApnIC[1].0" sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[1].0" sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe" sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ApnIC[1].0" sh=E32AA2E78D2C8F0E9316080E71A714BEFE851E6C ft=1 fh=374915f71a49693e vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0" sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[1].0" ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=10b176bc662c064b91c6f2f0b13d65bc # engine=19754 # end=finished # remove_checked=false # archives_checked=false # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2014-08-20 09:32:53 # local_time=2014-08-20 11:32:53 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Avira Desktop' # compatibility_mode=1810 16777213 100 100 91009 153122551 0 0 # 
compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 6935 160200223 0 0 # scanned=202823 # found=20 # cleaned=0 # scan_time=5668 sh=4B553651EF610C0614F8393D6C25ABA0A8F09ECA ft=1 fh=92ef1bb072edf568 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\offercast_avirav7_.exe" sh=D1D84E78302885295C3EC173CF25B20794123E7F ft=1 fh=62ab64a2f36b7f02 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\ICQ7.4\upgrade\2dcd1d63cb45e6613582211c3d5f4b23" sh=44B1CB2BCCE1BD052FBE05907F4451E1752BC085 ft=1 fh=4ff293b6f57e565a vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\ICQ7.4\upgrade\53e83dd5315bfb1f928441c9b4618b68" sh=31363DCA18AABCEBAAE3DCD2742DBCE3356E0840 ft=1 fh=7dcb7c7c51b88583 vn="Variante von Win32/Complitly.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Templates\FCTBSetup.exe" sh=0F97FB08E6FC4500F86E64D3285C171C6462BD61 ft=1 fh=acbbffe185c36761 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Michael\Downloads\ccsetup410.exe" sh=9AA5E59F80A95BDFC48FBB4DC9F4B7212749E67D ft=1 fh=2fe225811afcde6b vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Michael\Downloads\ccsetup416.exe" sh=4AF3EBD6F402E5AE4BE393D8C30AFC6BE623B96E ft=1 fh=9ae7f7a162c84dc9 vn="Variante von Win32/InstallShare.A evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Michael\Downloads\FCTBSetup.exe" sh=F28351CAB19BE1A2F8C60F1A2B9BB3C66BD2D774 ft=1 fh=8e32188fc77b1688 vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\Users\Michael\Downloads\FreeAudioConverter-5.0.45.806.exe" sh=33F04429D65D2B254BBBDBB9E480BE4EB2F719E5 ft=1 fh=666b4b7ce1b684c0 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Michael\Downloads\OrbitDownloaderSetup4111.exe" sh=44A7AE70AA7AC181E962591F263CFA55C823B4FC ft=1 fh=cf972a16567b49c6 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Michael\Downloads\Shockwave_Installer_Slim.exe" sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\Adobe\Shockwave 12\gt.exe" sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ApnIC[1].0" sh=E32AA2E78D2C8F0E9316080E71A714BEFE851E6C ft=1 fh=374915f71a49693e vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0" sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[1].0" sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe" sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="Variante von 
Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ApnIC[1].0" sh=E32AA2E78D2C8F0E9316080E71A714BEFE851E6C ft=1 fh=374915f71a49693e vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0" sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[1].0" ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=10b176bc662c064b91c6f2f0b13d65bc # engine=19799 # end=finished # remove_checked=false # archives_checked=false # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2014-08-23 10:46:41 # local_time=2014-08-23 12:46:41 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Avira Desktop' # compatibility_mode=1810 16777213 100 100 4497 153342979 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 87247 160420651 0 0 # scanned=200423 # found=19 # cleaned=0 # scan_time=3872 sh=4B553651EF610C0614F8393D6C25ABA0A8F09ECA ft=1 fh=92ef1bb072edf568 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\offercast_avirav7_.exe" sh=D1D84E78302885295C3EC173CF25B20794123E7F ft=1 fh=62ab64a2f36b7f02 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\ICQ7.4\upgrade\2dcd1d63cb45e6613582211c3d5f4b23" sh=44B1CB2BCCE1BD052FBE05907F4451E1752BC085 
ft=1 fh=4ff293b6f57e565a vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\ICQ7.4\upgrade\53e83dd5315bfb1f928441c9b4618b68" sh=31363DCA18AABCEBAAE3DCD2742DBCE3356E0840 ft=1 fh=7dcb7c7c51b88583 vn="Variante von Win32/Complitly.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Templates\FCTBSetup.exe" sh=0F97FB08E6FC4500F86E64D3285C171C6462BD61 ft=1 fh=acbbffe185c36761 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Michael\Downloads\ccsetup410.exe" sh=9AA5E59F80A95BDFC48FBB4DC9F4B7212749E67D ft=1 fh=2fe225811afcde6b vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Michael\Downloads\ccsetup416.exe" sh=4AF3EBD6F402E5AE4BE393D8C30AFC6BE623B96E ft=1 fh=9ae7f7a162c84dc9 vn="Variante von Win32/InstallShare.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\Downloads\FCTBSetup.exe" sh=F28351CAB19BE1A2F8C60F1A2B9BB3C66BD2D774 ft=1 fh=8e32188fc77b1688 vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\Users\Michael\Downloads\FreeAudioConverter-5.0.45.806.exe" sh=33F04429D65D2B254BBBDBB9E480BE4EB2F719E5 ft=1 fh=666b4b7ce1b684c0 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Michael\Downloads\OrbitDownloaderSetup4111.exe" sh=44A7AE70AA7AC181E962591F263CFA55C823B4FC ft=1 fh=cf972a16567b49c6 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Michael\Downloads\Shockwave_Installer_Slim.exe" sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\Adobe\Shockwave 12\gt.exe" sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet 
Files\Content.IE5\ApnIC[1].0" sh=E32AA2E78D2C8F0E9316080E71A714BEFE851E6C ft=1 fh=374915f71a49693e vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0" sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[1].0" sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe" sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ApnIC[1].0" sh=E32AA2E78D2C8F0E9316080E71A714BEFE851E6C ft=1 fh=374915f71a49693e vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0" sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[1].0" ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=10b176bc662c064b91c6f2f0b13d65bc # engine=19814 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # 
utc_time=2014-08-24 01:56:50 # local_time=2014-08-24 03:56:50 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Avira Desktop' # compatibility_mode=1810 16777213 100 100 102306 153440788 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 79349 160518460 0 0 # scanned=199824 # found=2 # cleaned=0 # scan_time=5651 sh=31363DCA18AABCEBAAE3DCD2742DBCE3356E0840 ft=1 fh=7dcb7c7c51b88583 vn="Variante von Win32/Complitly.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Templates\FCTBSetup.exe" sh=4AF3EBD6F402E5AE4BE393D8C30AFC6BE623B96E ft=1 fh=9ae7f7a162c84dc9 vn="Variante von Win32/InstallShare.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\Downloads\FCTBSetup.exe" Code:
Results of screen317's Security Check version 0.99.87
 x64
 Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
 Windows Security Center service is not running! This report may not be accurate!
 Avira Desktop
 WMI entry may not exist for antivirus; attempting automatic update.
 Avira successfully updated!
`````````Anti-malware/Other Utilities Check:`````````
 JavaFX 2.1.0
 Java 7 Update 67
 Java version out of Date!
 Adobe Flash Player 14.0.0.179
 Mozilla Firefox (31.0)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-08-2014 03 Ran by Michael (administrator) on MICHAEL-PC on 24-08-2014 21:59:06 Running from C:\Users\Michael\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\Agent.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\EuWatch.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\Logitech\QCDriver3\LVComS.exe (shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Skype Technologies S.A.) 
C:\Program Files (x86)\Skype\Phone\Skype.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated) HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation) HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-28] (NewTech Infosystems, Inc.) HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [968272 2010-06-22] (Dritek System Inc.) HKLM-x32\...\Run: [EaseUs Watch] => C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\EuWatch.exe [69000 2011-01-22] (CHENGDU YIWO Tech Development Co., Ltd) HKLM-x32\...\Run: [LVCOMS] => C:\Program Files (x86)\Common Files\Logitech\QCDriver3\LVCOMS.EXE [127022 2002-12-10] (Logitech Inc.) 
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
BHO: No Name -> {41564952-412D-5637-00A7-7A786E7484D7} -> No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No File
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.3.1

FireFox:
========
FF ProfilePath: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\8ndo486f.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\8ndo486f.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\8ndo486f.default\Extensions\abs@avira.com [2014-08-19]
FF Extension: DownloadHelper - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\8ndo486f.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-08-08]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 EASEUS Agent; C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\Agent.exe [55688 2011-01-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2010-07-15] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2010-07-15] () [File not signed]
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [36232 2011-01-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R3 EuDisk; C:\Windows\System32\DRIVERS\EuDisk.sys [193416 2011-01-22] (CHENGDU YIWO Tech Development Co., Ltd)
R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [17800 2011-01-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 EUFS; C:\Windows\System32\drivers\eufs.sys [26504 2011-01-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2010-07-15] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2010-07-15] () [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-24 21:59 - 2014-08-24 21:59 - 00015666 _____ () C:\Users\Michael\Desktop\FRST.txt
2014-08-24 21:57 - 2014-08-24 21:57 - 00000000 ____D () C:\Users\Michael\Desktop\FRST-OlderVersion
2014-08-24 19:39 - 2014-08-24 19:39 - 00000883 _____ () C:\Users\Michael\Desktop\checkup.txt
2014-08-24 13:50 - 2014-08-24 13:50 - 00001619 _____ () C:\Users\Michael\Desktop\log.txt - Verknüpfung.lnk
2014-08-24 13:46 - 2014-08-24 13:46 - 00854417 _____ () C:\Users\Michael\Desktop\SecurityCheck.exe
2014-08-23 01:44 - 2014-08-23 01:44 - 00000000 ____D () C:\Windows\ERUNT
2014-08-23 01:32 - 2014-08-23 01:37 - 00000000 ____D () C:\AdwCleaner
2014-08-23 00:39 - 2014-08-23 01:13 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-23 00:39 - 2014-08-23 00:39 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-23 00:39 - 2014-08-23 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-23 00:39 - 2014-08-23 00:39 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-23 00:39 - 2014-08-23 00:39 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-08-23 00:39 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-23 00:39 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-23 00:39 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-22 10:42 - 2014-08-22 10:42 - 00000000 ____D () C:\Users\Michael\AppData\Local\{84B2BD56-FBBB-41EE-AC4E-C7E2FB21D627}
2014-08-22 10:38 - 2014-08-22 10:38 - 00000000 ____D () C:\Users\Michael\AppData\Local\{10ABC367-1C41-4F2A-AFB7-D35A242592E0}
2014-08-21 12:45 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-21 12:45 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-21 12:45 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-21 12:45 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-21 12:45 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-21 12:45 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-21 12:45 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-21 12:45 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-21 12:44 - 2014-08-21 13:08 - 00000000 ____D () C:\Qoobox
2014-08-21 12:44 - 2014-08-21 13:06 - 00000000 ____D () C:\Windows\erdnt
2014-08-21 11:32 - 2014-08-21 11:32 - 00000000 ____D () C:\Users\Michael\AppData\Local\{F5AD1383-6808-4242-90EB-8565D83E6426}
2014-08-21 01:30 - 2014-08-21 01:30 - 00000000 ____D () C:\Users\Michael\AppData\Local\{9E9223FE-F6FB-4A0E-AD38-B3FB7F54EB42}
2014-08-21 01:22 - 2014-08-21 01:22 - 00291864 _____ () C:\Windows\Minidump\082114-25537-01.dmp
2014-08-20 21:19 - 2014-08-24 21:59 - 00000000 ____D () C:\FRST
2014-08-20 21:17 - 2014-08-20 21:17 - 00000000 _____ () C:\Users\Michael\defogger_reenable
2014-08-20 20:50 - 2014-08-20 20:50 - 00000000 ____D () C:\Users\Michael\AppData\Local\{3D2DD5FB-6969-4999-B157-B2A43AC4ECE1}
2014-08-20 20:24 - 2014-08-24 21:57 - 00000000 ____D () C:\Users\Michael\Desktop\System-Säuberung
2014-08-20 20:21 - 2014-08-24 21:57 - 02103296 _____ (Farbar) C:\Users\Michael\Desktop\FRST64.exe
2014-08-20 11:36 - 2014-08-20 11:36 - 00046873 _____ () C:\Windows\SysWOW64\unil.exe
2014-08-20 11:36 - 2014-08-20 11:36 - 00000000 ____D () C:\Michael
2014-08-19 21:44 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 21:44 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-19 21:44 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-19 21:44 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-19 21:44 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-19 21:44 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-19 21:44 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-19 21:44 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-19 21:44 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-19 21:44 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-19 21:44 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-19 21:44 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-19 21:44 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-19 21:44 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-19 21:44 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-19 21:44 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-19 21:44 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-19 21:44 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-19 21:44 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-19 21:44 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-19 21:44 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-19 21:44 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-19 21:44 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-19 21:44 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-19 21:44 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-19 21:44 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-19 21:44 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-19 21:44 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-19 21:44 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-19 21:44 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-19 21:44 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-19 21:44 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-19 21:44 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-19 21:44 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-19 21:44 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-19 21:44 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-19 21:44 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-19 21:44 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-19 21:44 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-19 21:44 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-19 21:44 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-19 21:44 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-19 21:44 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-19 21:44 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-19 21:44 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-19 21:44 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-19 21:44 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-19 21:44 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-19 21:44 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-19 21:44 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-19 21:44 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-19 21:44 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-19 21:44 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-19 21:44 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-19 21:44 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-19 21:44 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-19 15:51 - 2014-08-19 15:51 - 00000000 ____D () C:\Users\Michael\AppData\Local\{38B2E845-4D07-4961-B970-98EC8CD0CEAD}
2014-08-19 15:39 - 2014-08-19 15:39 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-08-19 15:39 - 2014-08-19 15:39 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-08-19 15:39 - 2014-08-19 15:39 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-08-19 15:39 - 2014-08-19 15:39 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-08-19 15:39 - 2014-08-19 15:39 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-08-19 15:39 - 2014-08-19 15:39 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-08-19 15:39 - 2014-08-19 15:39 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-08-19 15:39 - 2014-08-19 15:39 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-08-19 15:39 - 2014-08-19 15:39 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-08-19 15:39 - 2014-08-19 15:39 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-19 15:39 - 2014-08-19 15:39 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-08-19 15:39 - 2014-08-19 15:39 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-08-19 15:39 - 2014-08-19 15:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-08-19 15:39 - 2014-08-19 15:39 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-08-19 15:39 - 2014-08-19 15:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-08-19 15:39 - 2014-08-19 15:39 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-19 15:39 - 2014-08-19 15:39 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-19 15:39 - 2014-08-19 15:39 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-19 15:39 - 2014-08-19 15:39 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-19 15:37 - 2014-08-19 15:37 - 02077392 _____ (Microsoft Corporation) C:\Users\Michael\Downloads\IE11-Windows6.1.exe
2014-08-19 15:15 - 2014-08-19 15:15 - 00000000 ____D () C:\Users\Michael\AppData\Local\{C44E66C8-D51D-495E-BA97-4304D70E0182}
2014-08-19 15:10 - 2014-08-19 15:11 - 04574968 _____ (Avira Operations GmbH & Co. KG) C:\Users\Michael\Downloads\avira_de_av___ws.exe
2014-08-19 12:40 - 2014-08-19 15:50 - 00001417 _____ () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-18 22:44 - 2014-08-18 22:44 - 00000000 ____D () C:\Users\Michael\AppData\Local\{731D6040-732C-4DE9-98FC-709267031DBD}
2014-08-18 15:06 - 2014-08-18 15:06 - 00000000 ____D () C:\Users\Michael\AppData\Local\{99AC47CD-5F49-4750-A2FF-426C684CBE8E}
2014-08-18 14:01 - 2014-08-18 14:01 - 00000000 ____D () C:\Users\Michael\AppData\Local\{F0D04E7A-FEB5-4741-AEDF-E437370C8C62}
2014-08-18 13:02 - 2014-08-18 13:02 - 00000000 ____D () C:\Users\Michael\AppData\Local\{153F9F39-0933-4147-AE57-91E7DA2D8CAA}
2014-08-18 11:04 - 2014-08-18 11:04 - 00000000 ____D () C:\Users\Michael\AppData\Local\{5D930934-5124-466B-AE81-79A4AF65A101}
2014-08-17 22:20 - 2014-08-17 22:20 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-17 22:19 - 2014-08-17 22:20 - 02347384 _____ (ESET) C:\Users\Michael\Downloads\esetsmartinstaller_deu.exe
2014-08-17 21:30 - 2014-08-19 11:56 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\QuickScan
2014-08-17 18:05 - 2014-08-17 18:06 - 04813544 _____ (Piriform Ltd) C:\Users\Michael\Downloads\ccsetup416.exe
2014-08-17 17:57 - 2014-08-17 17:57 - 00000000 ____D () C:\Users\Michael\AppData\Local\{1BC41C44-349C-4656-B3E0-26163AA28D42}
2014-08-17 17:10 - 2014-08-17 17:10 - 00000000 ____D () C:\Users\Michael\AppData\Local\{0107BFDA-B12C-48F6-8E47-B4AB6B8CDE05}
2014-08-17 01:04 - 2014-08-17 01:04 - 00000000 ____D () C:\Users\Michael\AppData\Local\{34A4F854-7900-4862-8F65-6E12975E9D54}
2014-08-15 09:23 - 2014-08-15 09:23 - 00000000 ____D () C:\Users\Michael\AppData\Local\{1442DB7E-FFC6-4E4C-91D8-99B7C9E1E12B}
2014-08-14 10:36 - 2014-08-14 10:37 - 00000000 ____D () C:\Users\Michael\AppData\Local\{C42E855C-4B60-429C-B1B3-4D95D47F24DA}
2014-08-13 12:19 - 2014-08-13 12:20 - 00000000 ____D () C:\Users\Michael\AppData\Local\{D1DF6F7D-6F82-4F22-ABDE-0C7640A75E89}
2014-08-13 10:51 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 10:51 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-13 10:51 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 10:51 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 10:51 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-13 10:51 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 10:50 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 10:50 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 10:49 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 10:49 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 10:49 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 10:49 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 10:49 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 10:49 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 10:49 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 10:49 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 10:49 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 10:49 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 10:49 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 10:49 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 10:49 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 10:48 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 10:47 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 10:47 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-13 10:41 - 2014-08-13 10:41 - 00000000 ____D () C:\Users\Michael\AppData\Local\{42D91D13-48AF-4C95-AC18-F5C8ED438B6B}
2014-08-12 20:25 - 2014-08-12 20:25 - 00001442 _____ () C:\Users\Public\Desktop\Free Audio Converter.lnk
2014-08-12 20:25 - 2014-08-12 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-08-12 20:24 - 2014-08-12 20:25 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-08-12 20:23 - 2014-08-12 20:24 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\DVDVideoSoft
2014-08-12 20:21 - 2014-08-12 20:21 - 28401992 _____ (DVDVideoSoft Ltd. ) C:\Users\Michael\Downloads\FreeAudioConverter-5.0.45.806.exe
2014-08-12 09:54 - 2014-08-12 09:55 - 00000000 ____D () C:\Users\Michael\AppData\Local\{16A1732A-8B23-43D9-B2F8-08B5350750A4}
2014-08-11 11:20 - 2014-08-11 11:20 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-11 11:20 - 2014-08-11 11:20 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-11 11:20 - 2014-08-11 11:20 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-11 11:20 - 2014-08-11 11:20 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-11 11:20 - 2014-08-11 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-10 14:04 - 2014-08-10 14:05 - 00000000 ____D () C:\Users\Michael\AppData\Local\{F467A3D9-869E-4765-9078-E3264A274CF0}
2014-08-09 22:23 - 2014-08-09 22:23 - 00000000 ____D () C:\Users\Michael\AppData\Local\{F7399A5B-CD27-486F-A1D5-FD6C3D51BCEA}
2014-08-08 22:33 - 2014-08-08 22:33 - 00000000 ____D () C:\Users\Michael\AppData\Local\{7D239DDE-821E-4374-AB96-548753FFCF88}
2014-08-07 10:42 - 2014-08-07 10:42 - 00000000 ____D () C:\Users\Michael\AppData\Local\{5CA6A5DA-5962-42D5-85A3-DD0C8C5E074A}
2014-08-05 23:24 - 2014-08-05 23:24 - 00000000 ____D () C:\Users\Michael\AppData\Local\{4259FC1B-9E4C-4327-8682-FDFA031883E7}
2014-08-05 10:44 - 2014-08-05 10:44 - 00000000 ____D () C:\Users\Michael\AppData\Local\{02E8177A-A326-430D-9F87-8695E6E7A536}
2014-08-04 10:30 - 2014-08-18 15:10 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-04 10:30 - 2014-08-18 15:09 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-04 10:21 - 2014-08-04 10:21 - 00000000 ____D () C:\Users\Michael\AppData\Local\{0ED40260-078E-4866-808C-6365BF7B08E7}
2014-08-03 10:42 - 2014-08-03 10:42 - 00000000 ____D () C:\Users\Michael\AppData\Local\{7FDF989D-B9F7-4C21-AF30-B584D8B06731}
2014-08-02 10:44 - 2014-08-02 10:44 - 00000000 ____D () C:\Users\Michael\AppData\Local\{0AB8EE49-D6F2-4F5A-A331-5A29BAB69788}
2014-08-01 16:43 - 2014-08-01 16:43 - 00000000 ____D () C:\Users\Michael\AppData\Local\{E4EC2F12-65F1-4545-8BAC-BE4850219F5D}
2014-08-01 11:43 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-01 11:43 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-01 11:43 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-01 11:43 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-01 11:43 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-01 11:43 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-01 11:43 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-01 11:43 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-01 11:43 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-01 11:43 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-01 11:42 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-01 11:42 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-01 11:42 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-01 11:42 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-01 11:40 - 2014-08-01 11:40 - 00000000 ____D () C:\Users\Michael\AppData\Local\{56FDFAE9-4B17-4F4B-9C85-E6BE0DC83F9D}
2014-07-31 10:13 - 2014-07-31 10:13 - 00000000 ____D () C:\Users\Michael\AppData\Local\{9ED1D688-C768-4252-837E-9EED3F2C7C81}
2014-07-30 10:06 - 2014-07-30 10:06 - 00000000 ____D () C:\Users\Michael\AppData\Local\{DF2A5F04-B151-45D0-B89C-5B72B809C057}
2014-07-28 23:39 - 2014-07-28 23:39 - 06263496 _____ (TeamViewer GmbH) C:\Users\Michael\Downloads\TeamViewer_Setup_de(1).exe
2014-07-28 14:09 - 2014-07-28 14:09 - 00000000 ____D () C:\Users\Michael\AppData\Local\{FC51DA7A-724C-4067-B14C-ECA44D6160F6}
2014-07-27 02:56 - 2014-07-27 02:56 - 00000000 ____D () C:\Users\Michael\AppData\Local\{86D836D1-7D57-417C-9539-3178402DEBDB}
2014-07-26 11:10 - 2014-07-26 11:10 - 00000000 ____D () C:\Users\Michael\AppData\Local\{27BC7407-D8A8-4BE1-AEBE-30E39F3C0A4F}
2014-07-25 10:06 - 2014-07-25 10:06 - 00000000 ____D () C:\Users\Michael\AppData\Local\{524DF4E6-F594-4222-957A-51E5964C0E9F}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-24 21:59 - 2014-08-24 21:59 - 00015666 _____ () C:\Users\Michael\Desktop\FRST.txt
2014-08-24 21:59 - 2014-08-20 21:19 - 00000000 ____D () C:\FRST
2014-08-24 21:59 - 2011-02-08 22:20 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Skype
2014-08-24 21:57 - 2014-08-24 21:57 - 00000000 ____D () C:\Users\Michael\Desktop\FRST-OlderVersion
2014-08-24 21:57 - 2014-08-20 20:24 - 00000000 ____D () C:\Users\Michael\Desktop\System-Säuberung
2014-08-24 21:57 - 2014-08-20 20:21 - 02103296 _____ (Farbar) C:\Users\Michael\Desktop\FRST64.exe
2014-08-24 19:53 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-24 19:53 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-24 19:49 - 2010-09-17 18:57 - 02024674 _____ () C:\Windows\WindowsUpdate.log
2014-08-24 19:46 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-24 19:46 - 2009-07-14 06:51 - 00188471 _____ () C:\Windows\setupact.log
2014-08-24 19:39 - 2014-08-24 19:39 - 00000883 _____ () C:\Users\Michael\Desktop\checkup.txt
2014-08-24 13:50 - 2014-08-24 13:50 - 00001619 _____ () C:\Users\Michael\Desktop\log.txt - Verknüpfung.lnk
2014-08-24 13:46 - 2014-08-24 13:46 - 00854417 _____ () C:\Users\Michael\Desktop\SecurityCheck.exe
2014-08-24 12:56 - 2011-02-07 23:29 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-08-23 01:44 - 2014-08-23 01:44 - 00000000 ____D () C:\Windows\ERUNT
2014-08-23 01:38 - 2010-09-17 18:54 - 00171952 _____ () C:\Windows\PFRO.log
2014-08-23 01:37 - 2014-08-23 01:32 - 00000000 ____D () C:\AdwCleaner
2014-08-23 01:37 - 2014-06-10 23:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-23 01:13 - 2014-08-23 00:39 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-23 00:39 - 2014-08-23 00:39 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-23 00:39 - 2014-08-23 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-23 00:39 - 2014-08-23 00:39 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-23 00:39 - 2014-08-23 00:39 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-08-22 14:33 - 2011-10-05 03:30 - 00000000 ____D () C:\Users\Michael\AppData\Local\FreePDF_XP
2014-08-22 14:24 - 2011-02-07 18:32 - 00000000 ____D () C:\Users\Michael
2014-08-22 14:16 - 2011-10-02 16:00 - 00443904 ___SH () C:\Users\Michael\Thumbs.db
2014-08-22 10:42 - 2014-08-22 10:42 - 00000000 ____D () C:\Users\Michael\AppData\Local\{84B2BD56-FBBB-41EE-AC4E-C7E2FB21D627}
2014-08-22 10:42 - 2010-09-17 19:20 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-08-22 10:38 - 2014-08-22 10:38 - 00000000 ____D () C:\Users\Michael\AppData\Local\{10ABC367-1C41-4F2A-AFB7-D35A242592E0}
2014-08-22 10:38 - 2011-02-09 18:59 - 00000000 ____D () C:\Users\Michael\Tracing
2014-08-22 10:37 - 2013-05-19 23:11 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-08-21 13:08 - 2014-08-21 12:44 - 00000000 ____D () C:\Qoobox
2014-08-21 13:08 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-08-21 13:06 - 2014-08-21 12:44 - 00000000 ____D () C:\Windows\erdnt
2014-08-21 12:57 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-21 11:32 - 2014-08-21 11:32 - 00000000 ____D () C:\Users\Michael\AppData\Local\{F5AD1383-6808-4242-90EB-8565D83E6426}
2014-08-21 01:30 - 2014-08-21 01:30 - 00000000 ____D () C:\Users\Michael\AppData\Local\{9E9223FE-F6FB-4A0E-AD38-B3FB7F54EB42}
2014-08-21 01:22 - 2014-08-21 01:22 - 00291864 _____ () C:\Windows\Minidump\082114-25537-01.dmp
2014-08-21 01:22 - 2011-09-18 23:19 - 829095135 _____ () C:\Windows\MEMORY.DMP
2014-08-21 01:22 - 2011-09-18 23:19 - 00000000 ____D () C:\Windows\Minidump
2014-08-20 21:17 - 2014-08-20 21:17 - 00000000 _____ () C:\Users\Michael\defogger_reenable
2014-08-20 20:50 - 2014-08-20 20:50 - 00000000 ____D () C:\Users\Michael\AppData\Local\{3D2DD5FB-6969-4999-B157-B2A43AC4ECE1}
2014-08-20 20:49 - 2009-07-14 06:45 - 00286024 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-20 17:52 - 2012-05-20 03:35 - 00000035 _____ () C:\Users\Michael\Desktop\proxtube.txt
2014-08-20 12:09 - 2013-09-13 02:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport
2014-08-20 11:36 - 2014-08-20 11:36 - 00046873 _____ () C:\Windows\SysWOW64\unil.exe
2014-08-20 11:36 - 2014-08-20 11:36 - 00000000 ____D () C:\Michael
2014-08-20 11:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-20 00:49 - 2012-01-11 17:53 - 00000000 ____D () C:\Users\Michael\AppData\Local\Unity
2014-08-20 00:48 - 2010-09-17 19:14 - 00040818 _____ () C:\Windows\DPINST.LOG
2014-08-20 00:03 - 2011-02-08 22:59 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\ICQ
2014-08-19 21:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-19 15:51 - 2014-08-19 15:51 - 00000000 ____D () 
C:\Users\Michael\AppData\Local\{38B2E845-4D07-4961-B970-98EC8CD0CEAD} 2014-08-19 15:50 - 2014-08-19 12:40 - 00001417 _____ () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-19 15:45 - 2013-11-12 11:03 - 00020973 _____ () C:\Windows\IE11_main.log 2014-08-19 15:39 - 2014-08-19 15:39 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2014-08-19 15:39 - 2014-08-19 15:39 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-08-19 15:39 - 2014-08-19 15:39 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-08-19 15:39 - 2014-08-19 15:39 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-08-19 15:39 - 2014-08-19 15:39 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00182272 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msls31.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00077312 _____ (Microsoft Corporation) 
C:\Windows\system32\tdc.ocx 2014-08-19 15:39 - 2014-08-19 15:39 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2014-08-19 15:39 - 2014-08-19 15:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00012800 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msfeedssync.exe 2014-08-19 15:37 - 2014-08-19 15:37 - 02077392 _____ (Microsoft Corporation) C:\Users\Michael\Downloads\IE11-Windows6.1.exe 2014-08-19 15:15 - 2014-08-19 15:15 - 00000000 ____D () C:\Users\Michael\AppData\Local\{C44E66C8-D51D-495E-BA97-4304D70E0182} 2014-08-19 15:11 - 2014-08-19 15:10 - 04574968 _____ (Avira Operations GmbH & Co. KG) C:\Users\Michael\Downloads\avira_de_av___ws.exe 2014-08-19 11:56 - 2014-08-17 21:30 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\QuickScan 2014-08-19 02:37 - 2014-02-27 18:56 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-08-19 00:02 - 2011-09-20 18:26 - 00000140 _____ () C:\Windows\9888.MOD 2014-08-18 22:44 - 2014-08-18 22:44 - 00000000 ____D () C:\Users\Michael\AppData\Local\{731D6040-732C-4DE9-98FC-709267031DBD} 2014-08-18 22:42 - 2010-07-13 13:57 - 00000000 ____D () C:\Program Files (x86)\EgisTec MyWinLocker 2014-08-18 16:01 - 2010-07-13 13:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-08-18 15:39 - 2012-06-18 15:44 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-08-18 15:39 - 2012-06-18 15:44 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2014-08-18 15:10 - 2014-08-04 10:30 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-18 15:09 - 2014-08-04 10:30 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-08-18 15:09 - 2013-08-05 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-08-18 15:09 - 2013-08-05 18:04 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-08-18 15:06 - 2014-08-18 15:06 - 00000000 ____D () C:\Users\Michael\AppData\Local\{99AC47CD-5F49-4750-A2FF-426C684CBE8E} 2014-08-18 14:34 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-08-18 14:28 - 2012-11-13 17:41 - 00000000 ____D () C:\Program Files (x86)\HP 2014-08-18 14:01 - 
2014-08-18 14:01 - 00000000 ____D () C:\Users\Michael\AppData\Local\{F0D04E7A-FEB5-4741-AEDF-E437370C8C62} 2014-08-18 14:01 - 2011-02-07 18:32 - 00062472 _____ () C:\Users\Michael\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-18 13:59 - 2012-11-13 17:36 - 00004324 _____ () C:\ProgramData\hpzinstall.log 2014-08-18 13:59 - 2012-11-13 17:36 - 00000000 ____D () C:\ProgramData\HP 2014-08-18 13:02 - 2014-08-18 13:02 - 00000000 ____D () C:\Users\Michael\AppData\Local\{153F9F39-0933-4147-AE57-91E7DA2D8CAA} 2014-08-18 11:04 - 2014-08-18 11:04 - 00000000 ____D () C:\Users\Michael\AppData\Local\{5D930934-5124-466B-AE81-79A4AF65A101} 2014-08-18 00:27 - 2012-09-27 00:03 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\FileZilla 2014-08-18 00:00 - 2011-09-15 11:40 - 00000353 _____ () C:\Users\Michael\Desktop\Neues Textdokument.txt 2014-08-17 22:20 - 2014-08-17 22:20 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-08-17 22:20 - 2014-08-17 22:19 - 02347384 _____ (ESET) C:\Users\Michael\Downloads\esetsmartinstaller_deu.exe 2014-08-17 18:07 - 2012-06-18 17:34 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-08-17 18:07 - 2012-06-18 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-08-17 18:07 - 2012-06-18 17:34 - 00000000 ____D () C:\Program Files\CCleaner 2014-08-17 18:06 - 2014-08-17 18:05 - 04813544 _____ (Piriform Ltd) C:\Users\Michael\Downloads\ccsetup416.exe 2014-08-17 17:57 - 2014-08-17 17:57 - 00000000 ____D () C:\Users\Michael\AppData\Local\{1BC41C44-349C-4656-B3E0-26163AA28D42} 2014-08-17 17:10 - 2014-08-17 17:10 - 00000000 ____D () C:\Users\Michael\AppData\Local\{0107BFDA-B12C-48F6-8E47-B4AB6B8CDE05} 2014-08-17 01:04 - 2014-08-17 01:04 - 00000000 ____D () C:\Users\Michael\AppData\Local\{34A4F854-7900-4862-8F65-6E12975E9D54} 2014-08-15 09:23 - 2014-08-15 09:23 - 00000000 ____D () C:\Users\Michael\AppData\Local\{1442DB7E-FFC6-4E4C-91D8-99B7C9E1E12B} 2014-08-14 20:54 - 2014-06-11 18:04 - 00000000 ____D () 
C:\Users\Michael\AppData\Local\Adobe 2014-08-14 10:39 - 2012-04-03 10:00 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-08-14 10:39 - 2011-06-02 00:20 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-14 10:37 - 2014-08-14 10:36 - 00000000 ____D () C:\Users\Michael\AppData\Local\{C42E855C-4B60-429C-B1B3-4D95D47F24DA} 2014-08-13 12:20 - 2014-08-13 12:19 - 00000000 ____D () C:\Users\Michael\AppData\Local\{D1DF6F7D-6F82-4F22-ABDE-0C7640A75E89} 2014-08-13 11:03 - 2013-07-14 13:41 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-13 10:55 - 2011-02-08 16:51 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-13 10:50 - 2014-04-23 10:53 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-13 10:41 - 2014-08-13 10:41 - 00000000 ____D () C:\Users\Michael\AppData\Local\{42D91D13-48AF-4C95-AC18-F5C8ED438B6B} 2014-08-12 20:25 - 2014-08-12 20:25 - 00001442 _____ () C:\Users\Public\Desktop\Free Audio Converter.lnk 2014-08-12 20:25 - 2014-08-12 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2014-08-12 20:25 - 2014-08-12 20:24 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft 2014-08-12 20:24 - 2014-08-12 20:23 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\DVDVideoSoft 2014-08-12 20:21 - 2014-08-12 20:21 - 28401992 _____ (DVDVideoSoft Ltd. 
) C:\Users\Michael\Downloads\FreeAudioConverter-5.0.45.806.exe 2014-08-12 09:55 - 2014-08-12 09:54 - 00000000 ____D () C:\Users\Michael\AppData\Local\{16A1732A-8B23-43D9-B2F8-08B5350750A4} 2014-08-11 11:21 - 2013-10-29 11:24 - 00000000 ____D () C:\ProgramData\Oracle 2014-08-11 11:20 - 2014-08-11 11:20 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-08-11 11:20 - 2014-08-11 11:20 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-08-11 11:20 - 2014-08-11 11:20 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-08-11 11:20 - 2014-08-11 11:20 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-08-11 11:20 - 2014-08-11 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-08-11 11:20 - 2013-07-03 01:40 - 00000000 ____D () C:\Program Files (x86)\Java 2014-08-10 14:05 - 2014-08-10 14:04 - 00000000 ____D () C:\Users\Michael\AppData\Local\{F467A3D9-869E-4765-9078-E3264A274CF0} 2014-08-09 22:23 - 2014-08-09 22:23 - 00000000 ____D () C:\Users\Michael\AppData\Local\{F7399A5B-CD27-486F-A1D5-FD6C3D51BCEA} 2014-08-08 22:34 - 2011-02-08 22:20 - 00000000 ____D () C:\ProgramData\Skype 2014-08-08 22:33 - 2014-08-08 22:33 - 00000000 ____D () C:\Users\Michael\AppData\Local\{7D239DDE-821E-4374-AB96-548753FFCF88} 2014-08-07 10:42 - 2014-08-07 10:42 - 00000000 ____D () C:\Users\Michael\AppData\Local\{5CA6A5DA-5962-42D5-85A3-DD0C8C5E074A} 2014-08-07 04:06 - 2014-08-13 10:47 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-07 04:01 - 2014-08-13 10:47 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-05 23:24 - 2014-08-05 23:24 - 00000000 ____D () C:\Users\Michael\AppData\Local\{4259FC1B-9E4C-4327-8682-FDFA031883E7} 2014-08-05 10:44 - 2014-08-05 10:44 - 00000000 ____D () C:\Users\Michael\AppData\Local\{02E8177A-A326-430D-9F87-8695E6E7A536} 2014-08-05 09:20 - 2013-05-19 23:20 - 00270496 ____N 
(Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-08-04 10:30 - 2013-08-05 18:04 - 00000000 ____D () C:\ProgramData\Avira 2014-08-04 10:21 - 2014-08-04 10:21 - 00000000 ____D () C:\Users\Michael\AppData\Local\{0ED40260-078E-4866-808C-6365BF7B08E7} 2014-08-03 10:42 - 2014-08-03 10:42 - 00000000 ____D () C:\Users\Michael\AppData\Local\{7FDF989D-B9F7-4C21-AF30-B584D8B06731} 2014-08-02 10:44 - 2014-08-02 10:44 - 00000000 ____D () C:\Users\Michael\AppData\Local\{0AB8EE49-D6F2-4F5A-A331-5A29BAB69788} 2014-08-01 16:43 - 2014-08-01 16:43 - 00000000 ____D () C:\Users\Michael\AppData\Local\{E4EC2F12-65F1-4545-8BAC-BE4850219F5D} 2014-08-01 11:40 - 2014-08-01 11:40 - 00000000 ____D () C:\Users\Michael\AppData\Local\{56FDFAE9-4B17-4F4B-9C85-E6BE0DC83F9D} 2014-08-01 01:41 - 2014-08-19 21:44 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-01 01:16 - 2014-08-19 21:44 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-31 10:13 - 2014-07-31 10:13 - 00000000 ____D () C:\Users\Michael\AppData\Local\{9ED1D688-C768-4252-837E-9EED3F2C7C81} 2014-07-30 10:06 - 2014-07-30 10:06 - 00000000 ____D () C:\Users\Michael\AppData\Local\{DF2A5F04-B151-45D0-B89C-5B72B809C057} 2014-07-30 10:05 - 2012-04-25 18:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-07-28 23:40 - 2012-02-14 15:16 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\TeamViewer 2014-07-28 23:39 - 2014-07-28 23:39 - 06263496 _____ (TeamViewer GmbH) C:\Users\Michael\Downloads\TeamViewer_Setup_de(1).exe 2014-07-28 14:09 - 2014-07-28 14:09 - 00000000 ____D () C:\Users\Michael\AppData\Local\{FC51DA7A-724C-4067-B14C-ECA44D6160F6} 2014-07-27 02:56 - 2014-07-27 02:56 - 00000000 ____D () C:\Users\Michael\AppData\Local\{86D836D1-7D57-417C-9539-3178402DEBDB} 2014-07-26 11:10 - 2014-07-26 11:10 - 00000000 ____D () C:\Users\Michael\AppData\Local\{27BC7407-D8A8-4BE1-AEBE-30E39F3C0A4F} 2014-07-25 16:52 - 2014-08-19 21:44 - 23645696 _____ 
(Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-25 16:02 - 2014-08-19 21:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-25 16:01 - 2014-08-19 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-25 15:51 - 2014-08-19 21:44 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-25 15:30 - 2014-08-19 21:44 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-25 15:28 - 2014-08-19 21:44 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-25 15:28 - 2014-08-19 21:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-25 15:25 - 2014-08-19 21:44 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-25 15:25 - 2014-08-19 21:44 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-25 15:11 - 2014-08-19 21:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-25 15:10 - 2014-08-19 21:44 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-25 15:04 - 2014-08-19 21:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-25 15:03 - 2014-08-19 21:44 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-25 15:00 - 2014-08-19 21:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-25 15:00 - 2014-08-19 21:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-25 14:59 - 2014-08-19 21:44 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-25 14:47 - 2014-08-19 21:44 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-25 14:40 - 2014-08-19 21:44 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-25 14:34 - 2014-08-19 21:44 - 00455168 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-25 14:34 - 2014-08-19 21:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-25 14:33 - 2014-08-19 21:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-25 14:30 - 2014-08-19 21:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-25 14:28 - 2014-08-19 21:44 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-25 14:28 - 2014-08-19 21:44 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-25 14:21 - 2014-08-19 21:44 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-25 14:19 - 2014-08-19 21:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-25 14:18 - 2014-08-19 21:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-25 14:17 - 2014-08-19 21:44 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-25 14:17 - 2014-08-19 21:44 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-25 14:12 - 2014-08-19 21:44 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-25 14:10 - 2014-08-19 21:44 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-25 14:10 - 2014-08-19 21:44 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-25 14:08 - 2014-08-19 21:44 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-25 14:06 - 2014-08-19 21:44 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-25 13:52 - 2014-08-19 21:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-25 13:47 - 2014-08-19 21:44 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-25 13:43 - 2014-08-19 21:44 - 00060416 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-25 13:42 - 2014-08-19 21:44 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-25 13:39 - 2014-08-19 21:44 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-25 13:39 - 2014-08-19 21:44 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-25 13:36 - 2014-08-19 21:44 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-25 13:34 - 2014-08-19 21:44 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-25 13:29 - 2014-08-19 21:44 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-25 13:23 - 2014-08-19 21:44 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-25 13:13 - 2014-08-19 21:44 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-25 13:07 - 2014-08-19 21:44 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-25 13:07 - 2014-08-19 21:44 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-25 13:03 - 2014-08-19 21:44 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-25 12:52 - 2014-08-19 21:44 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-25 12:26 - 2014-08-19 21:44 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-25 12:17 - 2014-08-19 21:44 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-25 12:09 - 2014-08-19 21:44 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-25 12:05 - 2014-08-19 21:44 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-25 12:00 - 2014-08-19 21:44 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-25 10:06 - 2014-07-25 10:06 - 00000000 ____D () 
C:\Users\Michael\AppData\Local\{524DF4E6-F594-4222-957A-51E5964C0E9F} 2014-07-25 10:05 - 2012-05-13 15:18 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-07-25 10:05 - 2012-05-13 15:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-07-25 10:05 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT Some content of TEMP: ==================== C:\Users\Michael\AppData\Local\Temp\avgnt.exe C:\Users\Michael\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-17 15:44 ==================== End Of Log ============================ --- --- --- |
25.08.2014, 13:30 | #8 |
/// the machine /// TB trainer | Win7: After a careless click on "updateflashplayer.***.exe", iexplore.exe loads by itself
Update Java. Please download Farbar Service Scanner
Please post the contents here. At the time the FRST log was created: how many IE tabs did you have open, and how many of them had you opened yourself?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
25.08.2014, 21:59 | #9 | |
| Win7: After a careless click on "updateflashplayer.***.exe", iexplore.exe loads by itself
I have updated Java to "Version 8 Update 20". The most recent version I could find. SecurityCheck does not recognize the Java version, but still reports "out of Date". Code:
ATTFilter
Results of screen317's Security Check version 0.99.87
x64
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Avira Desktop
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
`````````Anti-malware/Other Utilities Check:`````````
Java version out of Date!
Adobe Flash Player 14.0.0.179
Mozilla Firefox (31.0)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
Code:
ATTFilter
Farbar Service Scanner Version: 21-07-2014
Ran by Michael (administrator) on 25-08-2014 at 22:19:04
Running from "C:\Users\Michael\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-08-2014 03 Ran by Michael (administrator) on MICHAEL-PC on 25-08-2014 22:29:24 Running from C:\Users\Michael\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\Agent.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\EuWatch.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\Logitech\QCDriver3\LVComS.exe (shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Dritek System Inc.) 
C:\Program Files (x86)\Launch Manager\LMworker.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated) HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation) HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-28] (NewTech Infosystems, Inc.) 
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [968272 2010-06-22] (Dritek System Inc.) HKLM-x32\...\Run: [EaseUs Watch] => C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\EuWatch.exe [69000 2011-01-22] (CHENGDU YIWO Tech Development Co., Ltd) HKLM-x32\...\Run: [LVCOMS] => C:\Program Files (x86)\Common Files\Logitech\QCDriver3\LVCOMS.EXE [127022 2002-12-10] (Logitech Inc.) HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-04] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de BHO: No Name -> {41564952-412D-5637-00A7-7A786E7484D7} -> No File BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
Toolbar: HKCU - No Name - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No File Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.3.1 FireFox: ======== FF ProfilePath: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\8ndo486f.default FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll () FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation) 
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\8ndo486f.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Avira Browser Safety - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\8ndo486f.default\Extensions\abs@avira.com [2014-08-19] FF Extension: DownloadHelper - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\8ndo486f.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-08-08] Chrome: ======= ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-04] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-04] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-04] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. 
KG) R2 EASEUS Agent; C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\Agent.exe [55688 2011-01-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed] R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG) S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2010-07-15] () [File not signed] S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2010-07-15] () [File not signed] R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [36232 2011-01-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed] R3 EuDisk; C:\Windows\System32\DRIVERS\EuDisk.sys [193416 2011-01-22] (CHENGDU YIWO Tech Development Co., Ltd) R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [17800 2011-01-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed] R0 EUFS; C:\Windows\System32\drivers\eufs.sys [26504 2011-01-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed] S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2010-07-15] () [File not signed] S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2010-07-15] () [File not signed] S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-25] (Malwarebytes Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 pccsmcfd; 
system32\DRIVERS\pccsmcfdx64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-25 22:29 - 2014-08-25 22:29 - 00015855 _____ () C:\Users\Michael\Desktop\FRST.txt 2014-08-25 22:19 - 2014-08-25 22:19 - 00002362 _____ () C:\Users\Michael\Desktop\FSS2.txt 2014-08-25 22:12 - 2014-08-25 22:11 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-08-25 22:11 - 2014-08-25 22:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-08-25 22:11 - 2014-08-25 22:11 - 00000000 ____D () C:\Program Files\Java 2014-08-25 22:08 - 2014-08-25 22:10 - 96138664 _____ (Oracle Corporation) C:\Users\Michael\Downloads\jre-8u20-windows-x64.exe 2014-08-25 20:44 - 2014-08-25 20:44 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Oracle 2014-08-25 12:17 - 2014-08-25 12:17 - 00291528 _____ () C:\Windows\Minidump\082514-18626-01.dmp 2014-08-25 12:10 - 2014-08-25 12:10 - 00002362 _____ () C:\Users\Michael\Desktop\FSS1.txt 2014-08-25 10:42 - 2014-08-25 10:42 - 00415232 _____ (Farbar) C:\Users\Michael\Desktop\FSS.exe 2014-08-24 19:39 - 2014-08-24 19:39 - 00000883 _____ () C:\Users\Michael\Desktop\checkup.txt 2014-08-24 13:50 - 2014-08-24 13:50 - 00001619 _____ () C:\Users\Michael\Desktop\log.txt - Verknüpfung.lnk 2014-08-24 13:46 - 2014-08-24 13:46 - 00854417 _____ () C:\Users\Michael\Desktop\SecurityCheck.exe 2014-08-23 01:44 - 2014-08-23 01:44 - 00000000 ____D () C:\Windows\ERUNT 2014-08-23 01:32 - 2014-08-23 01:37 - 00000000 ____D () C:\AdwCleaner 2014-08-23 00:39 - 2014-08-25 12:14 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-23 00:39 - 2014-08-23 00:39 - 00001110 _____ () 
C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-23 00:39 - 2014-08-23 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-23 00:39 - 2014-08-23 00:39 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-23 00:39 - 2014-08-23 00:39 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-23 00:39 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-08-23 00:39 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-08-23 00:39 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-08-22 10:42 - 2014-08-22 10:42 - 00000000 ____D () C:\Users\Michael\AppData\Local\{84B2BD56-FBBB-41EE-AC4E-C7E2FB21D627} 2014-08-22 10:38 - 2014-08-22 10:38 - 00000000 ____D () C:\Users\Michael\AppData\Local\{10ABC367-1C41-4F2A-AFB7-D35A242592E0} 2014-08-21 12:45 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-08-21 12:45 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-08-21 12:45 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-08-21 12:45 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-08-21 12:45 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-08-21 12:45 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-08-21 12:45 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-08-21 12:45 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-08-21 12:44 - 2014-08-21 13:08 - 00000000 ____D () C:\Qoobox 2014-08-21 12:44 - 2014-08-21 13:06 - 00000000 ____D () C:\Windows\erdnt 2014-08-21 11:32 - 2014-08-21 11:32 - 00000000 ____D () C:\Users\Michael\AppData\Local\{F5AD1383-6808-4242-90EB-8565D83E6426} 2014-08-21 01:30 - 2014-08-21 01:30 - 00000000 ____D () 
C:\Users\Michael\AppData\Local\{9E9223FE-F6FB-4A0E-AD38-B3FB7F54EB42} 2014-08-21 01:22 - 2014-08-21 01:22 - 00291864 _____ () C:\Windows\Minidump\082114-25537-01.dmp 2014-08-20 21:19 - 2014-08-25 22:29 - 00000000 ____D () C:\FRST 2014-08-20 21:17 - 2014-08-20 21:17 - 00000000 _____ () C:\Users\Michael\defogger_reenable 2014-08-20 20:50 - 2014-08-20 20:50 - 00000000 ____D () C:\Users\Michael\AppData\Local\{3D2DD5FB-6969-4999-B157-B2A43AC4ECE1} 2014-08-20 20:24 - 2014-08-25 22:29 - 00000000 ____D () C:\Users\Michael\Desktop\System-Säuberung 2014-08-20 20:21 - 2014-08-24 21:57 - 02103296 _____ (Farbar) C:\Users\Michael\Desktop\FRST64.exe 2014-08-20 11:36 - 2014-08-20 11:36 - 00046873 _____ () C:\Windows\SysWOW64\unil.exe 2014-08-20 11:36 - 2014-08-20 11:36 - 00000000 ____D () C:\Michael 2014-08-19 21:44 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-19 21:44 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-19 21:44 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-19 21:44 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-19 21:44 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-19 21:44 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-19 21:44 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-19 21:44 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-19 21:44 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-19 21:44 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-19 21:44 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) 
C:\Windows\system32\MshtmlDac.dll 2014-08-19 21:44 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-19 21:44 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-19 21:44 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-19 21:44 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-19 21:44 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-19 21:44 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-19 21:44 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-19 21:44 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-19 21:44 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-19 21:44 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-19 21:44 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-19 21:44 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-19 21:44 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-19 21:44 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-19 21:44 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-19 21:44 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-19 21:44 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-19 21:44 - 2014-07-25 14:18 - 00043008 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-19 21:44 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-19 21:44 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-19 21:44 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-19 21:44 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-19 21:44 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-19 21:44 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-19 21:44 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-19 21:44 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-19 21:44 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-19 21:44 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-19 21:44 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-19 21:44 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-19 21:44 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-19 21:44 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-19 21:44 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-19 21:44 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-19 21:44 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-19 21:44 - 2014-07-25 13:13 - 00526336 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-19 21:44 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-19 21:44 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-19 21:44 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-19 21:44 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-19 21:44 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-19 21:44 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-19 21:44 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-19 21:44 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-19 21:44 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-19 15:51 - 2014-08-19 15:51 - 00000000 ____D () C:\Users\Michael\AppData\Local\{38B2E845-4D07-4961-B970-98EC8CD0CEAD} 2014-08-19 15:39 - 2014-08-19 15:39 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2014-08-19 15:39 - 2014-08-19 15:39 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-08-19 15:39 - 2014-08-19 15:39 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-08-19 15:39 - 2014-08-19 15:39 - 00337408 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\html.iec 2014-08-19 15:39 - 2014-08-19 15:39 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00111616 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\IEAdvpack.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-08-19 15:39 - 2014-08-19 15:39 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2014-08-19 15:39 - 2014-08-19 15:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00048128 _____ (Microsoft Corporation) 
C:\Windows\system32\imgutil.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-08-19 15:37 - 2014-08-19 15:37 - 02077392 _____ (Microsoft Corporation) C:\Users\Michael\Downloads\IE11-Windows6.1.exe 2014-08-19 15:15 - 2014-08-19 15:15 - 00000000 ____D () C:\Users\Michael\AppData\Local\{C44E66C8-D51D-495E-BA97-4304D70E0182} 2014-08-19 15:10 - 2014-08-19 15:11 - 04574968 _____ (Avira Operations GmbH & Co. 
KG) C:\Users\Michael\Downloads\avira_de_av___ws.exe 2014-08-19 12:40 - 2014-08-19 15:50 - 00001417 _____ () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-18 22:44 - 2014-08-18 22:44 - 00000000 ____D () C:\Users\Michael\AppData\Local\{731D6040-732C-4DE9-98FC-709267031DBD} 2014-08-18 15:06 - 2014-08-18 15:06 - 00000000 ____D () C:\Users\Michael\AppData\Local\{99AC47CD-5F49-4750-A2FF-426C684CBE8E} 2014-08-18 14:01 - 2014-08-18 14:01 - 00000000 ____D () C:\Users\Michael\AppData\Local\{F0D04E7A-FEB5-4741-AEDF-E437370C8C62} 2014-08-18 13:02 - 2014-08-18 13:02 - 00000000 ____D () C:\Users\Michael\AppData\Local\{153F9F39-0933-4147-AE57-91E7DA2D8CAA} 2014-08-18 11:04 - 2014-08-18 11:04 - 00000000 ____D () C:\Users\Michael\AppData\Local\{5D930934-5124-466B-AE81-79A4AF65A101} 2014-08-17 22:20 - 2014-08-17 22:20 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-08-17 22:19 - 2014-08-17 22:20 - 02347384 _____ (ESET) C:\Users\Michael\Downloads\esetsmartinstaller_deu.exe 2014-08-17 21:30 - 2014-08-19 11:56 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\QuickScan 2014-08-17 18:05 - 2014-08-17 18:06 - 04813544 _____ (Piriform Ltd) C:\Users\Michael\Downloads\ccsetup416.exe 2014-08-17 17:57 - 2014-08-17 17:57 - 00000000 ____D () C:\Users\Michael\AppData\Local\{1BC41C44-349C-4656-B3E0-26163AA28D42} 2014-08-17 17:10 - 2014-08-17 17:10 - 00000000 ____D () C:\Users\Michael\AppData\Local\{0107BFDA-B12C-48F6-8E47-B4AB6B8CDE05} 2014-08-17 01:04 - 2014-08-17 01:04 - 00000000 ____D () C:\Users\Michael\AppData\Local\{34A4F854-7900-4862-8F65-6E12975E9D54} 2014-08-15 09:23 - 2014-08-15 09:23 - 00000000 ____D () C:\Users\Michael\AppData\Local\{1442DB7E-FFC6-4E4C-91D8-99B7C9E1E12B} 2014-08-14 10:36 - 2014-08-14 10:37 - 00000000 ____D () C:\Users\Michael\AppData\Local\{C42E855C-4B60-429C-B1B3-4D95D47F24DA} 2014-08-13 12:19 - 2014-08-13 12:20 - 00000000 ____D () C:\Users\Michael\AppData\Local\{D1DF6F7D-6F82-4F22-ABDE-0C7640A75E89} 
2014-08-13 10:51 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-13 10:51 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2014-08-13 10:51 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-13 10:51 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-13 10:51 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2014-08-13 10:51 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2014-08-13 10:50 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-13 10:50 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-13 10:49 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-13 10:49 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-08-13 10:49 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-08-13 10:49 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-08-13 10:49 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-08-13 10:49 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-08-13 10:49 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-13 10:49 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-13 10:49 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-13 10:49 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-13 10:49 - 2014-06-03 11:29 
- 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-08-13 10:49 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-08-13 10:49 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-08-13 10:48 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-13 10:47 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-13 10:47 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-13 10:41 - 2014-08-13 10:41 - 00000000 ____D () C:\Users\Michael\AppData\Local\{42D91D13-48AF-4C95-AC18-F5C8ED438B6B} 2014-08-12 20:25 - 2014-08-12 20:25 - 00001442 _____ () C:\Users\Public\Desktop\Free Audio Converter.lnk 2014-08-12 20:25 - 2014-08-12 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2014-08-12 20:24 - 2014-08-12 20:25 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft 2014-08-12 20:23 - 2014-08-12 20:24 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\DVDVideoSoft 2014-08-12 20:21 - 2014-08-12 20:21 - 28401992 _____ (DVDVideoSoft Ltd. 
) C:\Users\Michael\Downloads\FreeAudioConverter-5.0.45.806.exe 2014-08-12 09:54 - 2014-08-12 09:55 - 00000000 ____D () C:\Users\Michael\AppData\Local\{16A1732A-8B23-43D9-B2F8-08B5350750A4} 2014-08-10 14:04 - 2014-08-10 14:05 - 00000000 ____D () C:\Users\Michael\AppData\Local\{F467A3D9-869E-4765-9078-E3264A274CF0} 2014-08-09 22:23 - 2014-08-09 22:23 - 00000000 ____D () C:\Users\Michael\AppData\Local\{F7399A5B-CD27-486F-A1D5-FD6C3D51BCEA} 2014-08-08 22:33 - 2014-08-08 22:33 - 00000000 ____D () C:\Users\Michael\AppData\Local\{7D239DDE-821E-4374-AB96-548753FFCF88} 2014-08-07 10:42 - 2014-08-07 10:42 - 00000000 ____D () C:\Users\Michael\AppData\Local\{5CA6A5DA-5962-42D5-85A3-DD0C8C5E074A} 2014-08-05 23:24 - 2014-08-05 23:24 - 00000000 ____D () C:\Users\Michael\AppData\Local\{4259FC1B-9E4C-4327-8682-FDFA031883E7} 2014-08-05 10:44 - 2014-08-05 10:44 - 00000000 ____D () C:\Users\Michael\AppData\Local\{02E8177A-A326-430D-9F87-8695E6E7A536} 2014-08-04 10:30 - 2014-08-18 15:10 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-04 10:30 - 2014-08-18 15:09 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-08-04 10:21 - 2014-08-04 10:21 - 00000000 ____D () C:\Users\Michael\AppData\Local\{0ED40260-078E-4866-808C-6365BF7B08E7} 2014-08-03 10:42 - 2014-08-03 10:42 - 00000000 ____D () C:\Users\Michael\AppData\Local\{7FDF989D-B9F7-4C21-AF30-B584D8B06731} 2014-08-02 10:44 - 2014-08-02 10:44 - 00000000 ____D () C:\Users\Michael\AppData\Local\{0AB8EE49-D6F2-4F5A-A331-5A29BAB69788} 2014-08-01 16:43 - 2014-08-01 16:43 - 00000000 ____D () C:\Users\Michael\AppData\Local\{E4EC2F12-65F1-4545-8BAC-BE4850219F5D} 2014-08-01 11:43 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-08-01 11:43 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-08-01 11:43 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-08-01 11:43 - 2014-05-14 18:23 - 00058336 _____ 
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-08-01 11:43 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-08-01 11:43 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-08-01 11:43 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-08-01 11:43 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-08-01 11:43 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-08-01 11:43 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-08-01 11:42 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-08-01 11:42 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-08-01 11:42 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-08-01 11:42 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-08-01 11:40 - 2014-08-01 11:40 - 00000000 ____D () C:\Users\Michael\AppData\Local\{56FDFAE9-4B17-4F4B-9C85-E6BE0DC83F9D} 2014-07-31 10:13 - 2014-07-31 10:13 - 00000000 ____D () C:\Users\Michael\AppData\Local\{9ED1D688-C768-4252-837E-9EED3F2C7C81} 2014-07-30 10:06 - 2014-07-30 10:06 - 00000000 ____D () C:\Users\Michael\AppData\Local\{DF2A5F04-B151-45D0-B89C-5B72B809C057} 2014-07-28 23:39 - 2014-07-28 23:39 - 06263496 _____ (TeamViewer GmbH) C:\Users\Michael\Downloads\TeamViewer_Setup_de(1).exe 2014-07-28 14:09 - 2014-07-28 14:09 - 00000000 ____D () C:\Users\Michael\AppData\Local\{FC51DA7A-724C-4067-B14C-ECA44D6160F6} 2014-07-27 02:56 - 2014-07-27 02:56 - 00000000 ____D () C:\Users\Michael\AppData\Local\{86D836D1-7D57-417C-9539-3178402DEBDB} 2014-07-26 11:10 - 2014-07-26 11:10 - 00000000 ____D () 
C:\Users\Michael\AppData\Local\{27BC7407-D8A8-4BE1-AEBE-30E39F3C0A4F} ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-25 22:29 - 2014-08-25 22:29 - 00015855 _____ () C:\Users\Michael\Desktop\FRST.txt 2014-08-25 22:29 - 2014-08-20 21:19 - 00000000 ____D () C:\FRST 2014-08-25 22:29 - 2014-08-20 20:24 - 00000000 ____D () C:\Users\Michael\Desktop\System-Säuberung 2014-08-25 22:25 - 2010-09-17 18:57 - 02076345 _____ () C:\Windows\WindowsUpdate.log 2014-08-25 22:22 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-25 22:22 - 2009-07-14 06:51 - 00188919 _____ () C:\Windows\setupact.log 2014-08-25 22:19 - 2014-08-25 22:19 - 00002362 _____ () C:\Users\Michael\Desktop\FSS2.txt 2014-08-25 22:11 - 2014-08-25 22:12 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-08-25 22:11 - 2014-08-25 22:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-08-25 22:11 - 2014-08-25 22:11 - 00000000 ____D () C:\Program Files\Java 2014-08-25 22:11 - 2013-10-29 11:24 - 00000000 ____D () C:\ProgramData\Oracle 2014-08-25 22:10 - 2014-08-25 22:08 - 96138664 _____ (Oracle Corporation) C:\Users\Michael\Downloads\jre-8u20-windows-x64.exe 2014-08-25 21:58 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-25 21:58 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-25 21:50 - 2011-02-08 22:20 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Skype 2014-08-25 20:44 - 2014-08-25 20:44 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Oracle 2014-08-25 19:51 - 2011-02-07 23:29 - 00000000 ____D () C:\ProgramData\boost_interprocess 2014-08-25 12:17 - 2014-08-25 12:17 - 00291528 _____ () C:\Windows\Minidump\082514-18626-01.dmp 
2014-08-25 12:17 - 2011-09-18 23:19 - 578960607 _____ () C:\Windows\MEMORY.DMP 2014-08-25 12:17 - 2011-09-18 23:19 - 00000000 ____D () C:\Windows\Minidump 2014-08-25 12:14 - 2014-08-23 00:39 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-25 12:10 - 2014-08-25 12:10 - 00002362 _____ () C:\Users\Michael\Desktop\FSS1.txt 2014-08-25 10:42 - 2014-08-25 10:42 - 00415232 _____ (Farbar) C:\Users\Michael\Desktop\FSS.exe 2014-08-24 21:57 - 2014-08-20 20:21 - 02103296 _____ (Farbar) C:\Users\Michael\Desktop\FRST64.exe 2014-08-24 19:39 - 2014-08-24 19:39 - 00000883 _____ () C:\Users\Michael\Desktop\checkup.txt 2014-08-24 13:50 - 2014-08-24 13:50 - 00001619 _____ () C:\Users\Michael\Desktop\log.txt - Verknüpfung.lnk 2014-08-24 13:46 - 2014-08-24 13:46 - 00854417 _____ () C:\Users\Michael\Desktop\SecurityCheck.exe 2014-08-23 01:44 - 2014-08-23 01:44 - 00000000 ____D () C:\Windows\ERUNT 2014-08-23 01:38 - 2010-09-17 18:54 - 00171952 _____ () C:\Windows\PFRO.log 2014-08-23 01:37 - 2014-08-23 01:32 - 00000000 ____D () C:\AdwCleaner 2014-08-23 01:37 - 2014-06-10 23:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-08-23 00:39 - 2014-08-23 00:39 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-23 00:39 - 2014-08-23 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-23 00:39 - 2014-08-23 00:39 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-23 00:39 - 2014-08-23 00:39 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-22 14:33 - 2011-10-05 03:30 - 00000000 ____D () C:\Users\Michael\AppData\Local\FreePDF_XP 2014-08-22 14:24 - 2011-02-07 18:32 - 00000000 ____D () C:\Users\Michael 2014-08-22 14:16 - 2011-10-02 16:00 - 00443904 ___SH () C:\Users\Michael\Thumbs.db 2014-08-22 10:42 - 2014-08-22 10:42 - 00000000 ____D () C:\Users\Michael\AppData\Local\{84B2BD56-FBBB-41EE-AC4E-C7E2FB21D627} 
2014-08-22 10:42 - 2010-09-17 19:20 - 00000000 ____D () C:\Program Files (x86)\Windows Live 2014-08-22 10:38 - 2014-08-22 10:38 - 00000000 ____D () C:\Users\Michael\AppData\Local\{10ABC367-1C41-4F2A-AFB7-D35A242592E0} 2014-08-22 10:38 - 2011-02-09 18:59 - 00000000 ____D () C:\Users\Michael\Tracing 2014-08-22 10:37 - 2013-05-19 23:11 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft 2014-08-21 13:08 - 2014-08-21 12:44 - 00000000 ____D () C:\Qoobox 2014-08-21 13:08 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2014-08-21 13:06 - 2014-08-21 12:44 - 00000000 ____D () C:\Windows\erdnt 2014-08-21 12:57 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-08-21 11:32 - 2014-08-21 11:32 - 00000000 ____D () C:\Users\Michael\AppData\Local\{F5AD1383-6808-4242-90EB-8565D83E6426} 2014-08-21 01:30 - 2014-08-21 01:30 - 00000000 ____D () C:\Users\Michael\AppData\Local\{9E9223FE-F6FB-4A0E-AD38-B3FB7F54EB42} 2014-08-21 01:22 - 2014-08-21 01:22 - 00291864 _____ () C:\Windows\Minidump\082114-25537-01.dmp 2014-08-20 21:17 - 2014-08-20 21:17 - 00000000 _____ () C:\Users\Michael\defogger_reenable 2014-08-20 20:50 - 2014-08-20 20:50 - 00000000 ____D () C:\Users\Michael\AppData\Local\{3D2DD5FB-6969-4999-B157-B2A43AC4ECE1} 2014-08-20 20:49 - 2009-07-14 06:45 - 00286024 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-20 17:52 - 2012-05-20 03:35 - 00000035 _____ () C:\Users\Michael\Desktop\proxtube.txt 2014-08-20 12:09 - 2013-09-13 02:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport 2014-08-20 11:36 - 2014-08-20 11:36 - 00046873 _____ () C:\Windows\SysWOW64\unil.exe 2014-08-20 11:36 - 2014-08-20 11:36 - 00000000 ____D () C:\Michael 2014-08-20 11:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-08-20 00:49 - 2012-01-11 17:53 - 00000000 ____D () C:\Users\Michael\AppData\Local\Unity 2014-08-20 00:48 - 2010-09-17 19:14 - 00040818 _____ () C:\Windows\DPINST.LOG 2014-08-20 00:03 - 2011-02-08 22:59 - 
00000000 ____D () C:\Users\Michael\AppData\Roaming\ICQ 2014-08-19 21:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-19 15:51 - 2014-08-19 15:51 - 00000000 ____D () C:\Users\Michael\AppData\Local\{38B2E845-4D07-4961-B970-98EC8CD0CEAD} 2014-08-19 15:50 - 2014-08-19 12:40 - 00001417 _____ () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-19 15:45 - 2013-11-12 11:03 - 00020973 _____ () C:\Windows\IE11_main.log 2014-08-19 15:39 - 2014-08-19 15:39 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2014-08-19 15:39 - 2014-08-19 15:39 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-08-19 15:39 - 2014-08-19 15:39 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-08-19 15:39 - 2014-08-19 15:39 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-08-19 15:39 - 2014-08-19 15:39 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00208384 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\webcheck.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00083456 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\inseng.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-08-19 15:39 - 2014-08-19 15:39 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2014-08-19 15:39 - 2014-08-19 15:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-08-19 15:39 - 2014-08-19 15:39 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00013312 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\mshta.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-08-19 15:39 - 2014-08-19 15:39 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-08-19 15:37 - 2014-08-19 15:37 - 02077392 _____ (Microsoft Corporation) C:\Users\Michael\Downloads\IE11-Windows6.1.exe 2014-08-19 15:15 - 2014-08-19 15:15 - 00000000 ____D () C:\Users\Michael\AppData\Local\{C44E66C8-D51D-495E-BA97-4304D70E0182} 2014-08-19 15:11 - 2014-08-19 15:10 - 04574968 _____ (Avira Operations GmbH & Co. KG) C:\Users\Michael\Downloads\avira_de_av___ws.exe 2014-08-19 11:56 - 2014-08-17 21:30 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\QuickScan 2014-08-19 02:37 - 2014-02-27 18:56 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-08-19 00:02 - 2011-09-20 18:26 - 00000140 _____ () C:\Windows\9888.MOD 2014-08-18 22:44 - 2014-08-18 22:44 - 00000000 ____D () C:\Users\Michael\AppData\Local\{731D6040-732C-4DE9-98FC-709267031DBD} 2014-08-18 22:42 - 2010-07-13 13:57 - 00000000 ____D () C:\Program Files (x86)\EgisTec MyWinLocker 2014-08-18 16:01 - 2010-07-13 13:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-08-18 15:39 - 2012-06-18 15:44 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-08-18 15:39 - 2012-06-18 15:44 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2014-08-18 15:10 - 2014-08-04 10:30 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-18 15:09 - 2014-08-04 10:30 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-08-18 15:09 - 2013-08-05 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-08-18 15:09 - 2013-08-05 18:04 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-08-18 15:06 - 2014-08-18 15:06 - 00000000 ____D () C:\Users\Michael\AppData\Local\{99AC47CD-5F49-4750-A2FF-426C684CBE8E} 
2014-08-18 14:34 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-08-18 14:28 - 2012-11-13 17:41 - 00000000 ____D () C:\Program Files (x86)\HP 2014-08-18 14:01 - 2014-08-18 14:01 - 00000000 ____D () C:\Users\Michael\AppData\Local\{F0D04E7A-FEB5-4741-AEDF-E437370C8C62} 2014-08-18 14:01 - 2011-02-07 18:32 - 00062472 _____ () C:\Users\Michael\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-18 13:59 - 2012-11-13 17:36 - 00004324 _____ () C:\ProgramData\hpzinstall.log 2014-08-18 13:59 - 2012-11-13 17:36 - 00000000 ____D () C:\ProgramData\HP 2014-08-18 13:02 - 2014-08-18 13:02 - 00000000 ____D () C:\Users\Michael\AppData\Local\{153F9F39-0933-4147-AE57-91E7DA2D8CAA} 2014-08-18 11:04 - 2014-08-18 11:04 - 00000000 ____D () C:\Users\Michael\AppData\Local\{5D930934-5124-466B-AE81-79A4AF65A101} 2014-08-18 00:27 - 2012-09-27 00:03 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\FileZilla 2014-08-18 00:00 - 2011-09-15 11:40 - 00000353 _____ () C:\Users\Michael\Desktop\Neues Textdokument.txt 2014-08-17 22:20 - 2014-08-17 22:20 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-08-17 22:20 - 2014-08-17 22:19 - 02347384 _____ (ESET) C:\Users\Michael\Downloads\esetsmartinstaller_deu.exe 2014-08-17 18:07 - 2012-06-18 17:34 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-08-17 18:07 - 2012-06-18 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-08-17 18:07 - 2012-06-18 17:34 - 00000000 ____D () C:\Program Files\CCleaner 2014-08-17 18:06 - 2014-08-17 18:05 - 04813544 _____ (Piriform Ltd) C:\Users\Michael\Downloads\ccsetup416.exe 2014-08-17 17:57 - 2014-08-17 17:57 - 00000000 ____D () C:\Users\Michael\AppData\Local\{1BC41C44-349C-4656-B3E0-26163AA28D42} 2014-08-17 17:10 - 2014-08-17 17:10 - 00000000 ____D () C:\Users\Michael\AppData\Local\{0107BFDA-B12C-48F6-8E47-B4AB6B8CDE05} 2014-08-17 01:04 - 2014-08-17 01:04 - 00000000 ____D () 
C:\Users\Michael\AppData\Local\{34A4F854-7900-4862-8F65-6E12975E9D54} 2014-08-15 09:23 - 2014-08-15 09:23 - 00000000 ____D () C:\Users\Michael\AppData\Local\{1442DB7E-FFC6-4E4C-91D8-99B7C9E1E12B} 2014-08-14 20:54 - 2014-06-11 18:04 - 00000000 ____D () C:\Users\Michael\AppData\Local\Adobe 2014-08-14 10:39 - 2012-04-03 10:00 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-08-14 10:39 - 2011-06-02 00:20 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-14 10:37 - 2014-08-14 10:36 - 00000000 ____D () C:\Users\Michael\AppData\Local\{C42E855C-4B60-429C-B1B3-4D95D47F24DA} 2014-08-13 12:20 - 2014-08-13 12:19 - 00000000 ____D () C:\Users\Michael\AppData\Local\{D1DF6F7D-6F82-4F22-ABDE-0C7640A75E89} 2014-08-13 11:03 - 2013-07-14 13:41 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-13 10:55 - 2011-02-08 16:51 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-13 10:50 - 2014-04-23 10:53 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-13 10:41 - 2014-08-13 10:41 - 00000000 ____D () C:\Users\Michael\AppData\Local\{42D91D13-48AF-4C95-AC18-F5C8ED438B6B} 2014-08-12 20:25 - 2014-08-12 20:25 - 00001442 _____ () C:\Users\Public\Desktop\Free Audio Converter.lnk 2014-08-12 20:25 - 2014-08-12 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2014-08-12 20:25 - 2014-08-12 20:24 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft 2014-08-12 20:24 - 2014-08-12 20:23 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\DVDVideoSoft 2014-08-12 20:21 - 2014-08-12 20:21 - 28401992 _____ (DVDVideoSoft Ltd. 
) C:\Users\Michael\Downloads\FreeAudioConverter-5.0.45.806.exe 2014-08-12 09:55 - 2014-08-12 09:54 - 00000000 ____D () C:\Users\Michael\AppData\Local\{16A1732A-8B23-43D9-B2F8-08B5350750A4} 2014-08-10 14:05 - 2014-08-10 14:04 - 00000000 ____D () C:\Users\Michael\AppData\Local\{F467A3D9-869E-4765-9078-E3264A274CF0} 2014-08-09 22:23 - 2014-08-09 22:23 - 00000000 ____D () C:\Users\Michael\AppData\Local\{F7399A5B-CD27-486F-A1D5-FD6C3D51BCEA} 2014-08-08 22:34 - 2011-02-08 22:20 - 00000000 ____D () C:\ProgramData\Skype 2014-08-08 22:33 - 2014-08-08 22:33 - 00000000 ____D () C:\Users\Michael\AppData\Local\{7D239DDE-821E-4374-AB96-548753FFCF88} 2014-08-07 10:42 - 2014-08-07 10:42 - 00000000 ____D () C:\Users\Michael\AppData\Local\{5CA6A5DA-5962-42D5-85A3-DD0C8C5E074A} 2014-08-07 04:06 - 2014-08-13 10:47 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-07 04:01 - 2014-08-13 10:47 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-05 23:24 - 2014-08-05 23:24 - 00000000 ____D () C:\Users\Michael\AppData\Local\{4259FC1B-9E4C-4327-8682-FDFA031883E7} 2014-08-05 10:44 - 2014-08-05 10:44 - 00000000 ____D () C:\Users\Michael\AppData\Local\{02E8177A-A326-430D-9F87-8695E6E7A536} 2014-08-05 09:20 - 2013-05-19 23:20 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-08-04 10:30 - 2013-08-05 18:04 - 00000000 ____D () C:\ProgramData\Avira 2014-08-04 10:21 - 2014-08-04 10:21 - 00000000 ____D () C:\Users\Michael\AppData\Local\{0ED40260-078E-4866-808C-6365BF7B08E7} 2014-08-03 10:42 - 2014-08-03 10:42 - 00000000 ____D () C:\Users\Michael\AppData\Local\{7FDF989D-B9F7-4C21-AF30-B584D8B06731} 2014-08-02 10:44 - 2014-08-02 10:44 - 00000000 ____D () C:\Users\Michael\AppData\Local\{0AB8EE49-D6F2-4F5A-A331-5A29BAB69788} 2014-08-01 16:43 - 2014-08-01 16:43 - 00000000 ____D () C:\Users\Michael\AppData\Local\{E4EC2F12-65F1-4545-8BAC-BE4850219F5D} 2014-08-01 11:40 - 2014-08-01 11:40 - 00000000 ____D () 
C:\Users\Michael\AppData\Local\{56FDFAE9-4B17-4F4B-9C85-E6BE0DC83F9D} 2014-08-01 01:41 - 2014-08-19 21:44 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-01 01:16 - 2014-08-19 21:44 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-31 10:13 - 2014-07-31 10:13 - 00000000 ____D () C:\Users\Michael\AppData\Local\{9ED1D688-C768-4252-837E-9EED3F2C7C81} 2014-07-30 10:06 - 2014-07-30 10:06 - 00000000 ____D () C:\Users\Michael\AppData\Local\{DF2A5F04-B151-45D0-B89C-5B72B809C057} 2014-07-30 10:05 - 2012-04-25 18:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-07-28 23:40 - 2012-02-14 15:16 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\TeamViewer 2014-07-28 23:39 - 2014-07-28 23:39 - 06263496 _____ (TeamViewer GmbH) C:\Users\Michael\Downloads\TeamViewer_Setup_de(1).exe 2014-07-28 14:09 - 2014-07-28 14:09 - 00000000 ____D () C:\Users\Michael\AppData\Local\{FC51DA7A-724C-4067-B14C-ECA44D6160F6} 2014-07-27 02:56 - 2014-07-27 02:56 - 00000000 ____D () C:\Users\Michael\AppData\Local\{86D836D1-7D57-417C-9539-3178402DEBDB} 2014-07-26 11:10 - 2014-07-26 11:10 - 00000000 ____D () C:\Users\Michael\AppData\Local\{27BC7407-D8A8-4BE1-AEBE-30E39F3C0A4F} Some content of TEMP: ==================== C:\Users\Michael\AppData\Local\Temp\avgnt.exe C:\Users\Michael\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-17 15:44
==================== End Of Log ============================

During this FRST scan I likewise had no tabs open in IE. These are again processes that started by themselves. Thank you very much for your efforts! |
26.08.2014, 18:53 | #10 |
/// the machine /// TB instructor | Win7: After a careless click on "updateflashplayer.***.exe", iexplore.exe launches by itself
Hi, please download TDSSKiller.exe and save this file to the desktop
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate | Guides and help | Trojaner-Board Facebook page | No help via PM! |
27.08.2014, 01:45 | #11 |
| Win7: After a careless click on "updateflashplayer.***.exe", iexplore.exe launches by itself
TDSSKiller found something and detected Rootkit.Boot.Cidox.b. I think we are slowly starting to see a light at the end of the tunnel. Log file: Code:
ATTFilter 02:26:16.0553 0x1580 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58 02:26:21.0492 0x1580 ============================================================ 02:26:21.0492 0x1580 Current date / time: 2014/08/27 02:26:21.0492 02:26:21.0492 0x1580 SystemInfo: 02:26:21.0492 0x1580 02:26:21.0492 0x1580 OS Version: 6.1.7601 ServicePack: 1.0 02:26:21.0492 0x1580 Product type: Workstation 02:26:21.0492 0x1580 ComputerName: MICHAEL-PC 02:26:21.0492 0x1580 UserName: Michael 02:26:21.0492 0x1580 Windows directory: C:\Windows 02:26:21.0492 0x1580 System windows directory: C:\Windows 02:26:21.0492 0x1580 Running under WOW64 02:26:21.0492 0x1580 Processor architecture: Intel x64 02:26:21.0492 0x1580 Number of processors: 4 02:26:21.0492 0x1580 Page size: 0x1000 02:26:21.0492 0x1580 Boot type: Normal boot 02:26:21.0492 0x1580 ============================================================ 02:26:21.0648 0x1580 KLMD registered as C:\Windows\system32\drivers\06883923.sys 02:26:22.0240 0x1580 System UUID: {D34A57AE-E91A-2D6B-DE10-56FDF63470E2} 02:26:22.0763 0x1580 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 02:26:22.0768 0x1580 ============================================================ 02:26:22.0768 0x1580 \Device\Harddisk0\DR0: 02:26:22.0769 0x1580 MBR partitions: 02:26:22.0769 0x1580 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000 02:26:22.0769 0x1580 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x11B34B23 02:26:22.0796 0x1580 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x13567362, BlocksNum 0x938225D 02:26:22.0819 0x1580 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x1C8E95FE, BlocksNum 0x1DA9B643 02:26:22.0819 0x1580 ============================================================ 02:26:22.0854 0x1580 C: <-> \Device\Harddisk0\DR0\Partition2 
4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 02:28:16.0491 0x08c8 LSI_SCSI - ok 02:28:16.0507 0x08c8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 02:28:16.0569 0x08c8 luafv - ok 02:28:16.0632 0x08c8 [ 7AEAC0B5B185CB5601673A0462C7EC36, B79FB5094F32F11CE2969CD08DB0EBC695D150BA2200179EB6C3BBAEEDB857B2 ] massfilter C:\Windows\system32\DRIVERS\massfilter.sys 02:28:16.0678 0x08c8 massfilter - ok 02:28:16.0710 0x08c8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 02:28:16.0772 0x08c8 Mcx2Svc - ok 02:28:16.0788 0x08c8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 02:28:16.0803 0x08c8 megasas - ok 02:28:16.0834 0x08c8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 02:28:16.0866 0x08c8 MegaSR - ok 02:28:16.0897 0x08c8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 02:28:16.0944 0x08c8 MMCSS - ok 02:28:16.0959 0x08c8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 02:28:17.0022 0x08c8 Modem - ok 02:28:17.0053 0x08c8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 02:28:17.0084 0x08c8 monitor - ok 02:28:17.0100 0x08c8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 02:28:17.0131 0x08c8 mouclass - ok 02:28:17.0162 
0x08c8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 02:28:17.0193 0x08c8 mouhid - ok 02:28:17.0224 0x08c8 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 02:28:17.0256 0x08c8 mountmgr - ok 02:28:17.0349 0x08c8 [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 02:28:17.0380 0x08c8 MozillaMaintenance - ok 02:28:17.0443 0x08c8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 02:28:17.0458 0x08c8 mpio - ok 02:28:17.0490 0x08c8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 02:28:17.0536 0x08c8 mpsdrv - ok 02:28:17.0599 0x08c8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 02:28:17.0677 0x08c8 MpsSvc - ok 02:28:17.0724 0x08c8 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 02:28:17.0786 0x08c8 MRxDAV - ok 02:28:17.0833 0x08c8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 02:28:17.0864 0x08c8 mrxsmb - ok 02:28:17.0911 0x08c8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 02:28:17.0958 0x08c8 mrxsmb10 - ok 02:28:17.0989 0x08c8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] 
mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 02:28:18.0036 0x08c8 mrxsmb20 - ok 02:28:18.0082 0x08c8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 02:28:18.0114 0x08c8 msahci - ok 02:28:18.0129 0x08c8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 02:28:18.0160 0x08c8 msdsm - ok 02:28:18.0192 0x08c8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 02:28:18.0223 0x08c8 MSDTC - ok 02:28:18.0270 0x08c8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 02:28:18.0316 0x08c8 Msfs - ok 02:28:18.0316 0x08c8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 02:28:18.0379 0x08c8 mshidkmdf - ok 02:28:18.0426 0x08c8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 02:28:18.0441 0x08c8 msisadrv - ok 02:28:18.0472 0x08c8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 02:28:18.0535 0x08c8 MSiSCSI - ok 02:28:18.0550 0x08c8 msiserver - ok 02:28:18.0582 0x08c8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 02:28:18.0628 0x08c8 MSKSSRV - ok 02:28:18.0644 0x08c8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 02:28:18.0706 0x08c8 MSPCLOCK - ok 02:28:18.0706 0x08c8 [ 
4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 02:28:18.0769 0x08c8 MSPQM - ok 02:28:18.0800 0x08c8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 02:28:18.0831 0x08c8 MsRPC - ok 02:28:18.0878 0x08c8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 02:28:18.0894 0x08c8 mssmbios - ok 02:28:18.0909 0x08c8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 02:28:18.0972 0x08c8 MSTEE - ok 02:28:18.0987 0x08c8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 02:28:19.0018 0x08c8 MTConfig - ok 02:28:19.0034 0x08c8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 02:28:19.0050 0x08c8 Mup - ok 02:28:19.0128 0x08c8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 02:28:19.0190 0x08c8 napagent - ok 02:28:19.0237 0x08c8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 02:28:19.0268 0x08c8 NativeWifiP - ok 02:28:19.0346 0x08c8 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 02:28:19.0377 0x08c8 NDIS - ok 02:28:19.0408 0x08c8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 02:28:19.0471 0x08c8 NdisCap 
- ok 02:28:19.0486 0x08c8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 02:28:19.0549 0x08c8 NdisTapi - ok 02:28:19.0596 0x08c8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 02:28:19.0642 0x08c8 Ndisuio - ok 02:28:19.0689 0x08c8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 02:28:19.0736 0x08c8 NdisWan - ok 02:28:19.0783 0x08c8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 02:28:19.0830 0x08c8 NDProxy - ok 02:28:19.0892 0x08c8 [ D5AC41AE382738483FAFFBD7E373D49A, 68793D15566F387650E9C5010E1CA73BDE3EB4BA431EA0A1673004CAE08413B0 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 02:28:19.0908 0x08c8 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 02:28:22.0341 0x08c8 Detect skipped due to KSN trusted 02:28:22.0341 0x08c8 Net Driver HPZ12 - ok 02:28:22.0388 0x08c8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 02:28:22.0482 0x08c8 NetBIOS - ok 02:28:22.0544 0x08c8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 02:28:22.0622 0x08c8 NetBT - ok 02:28:22.0638 0x08c8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe 02:28:22.0653 0x08c8 Netlogon - ok 02:28:22.0684 0x08c8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 02:28:22.0762 0x08c8 Netman - ok 02:28:22.0825 
0x08c8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 02:28:22.0872 0x08c8 NetMsmqActivator - ok 02:28:22.0903 0x08c8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 02:28:22.0918 0x08c8 NetPipeActivator - ok 02:28:22.0950 0x08c8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 02:28:23.0043 0x08c8 netprofm - ok 02:28:23.0090 0x08c8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 02:28:23.0121 0x08c8 NetTcpActivator - ok 02:28:23.0121 0x08c8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 02:28:23.0137 0x08c8 NetTcpPortSharing - ok 02:28:23.0168 0x08c8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 02:28:23.0184 0x08c8 nfrd960 - ok 02:28:23.0215 0x08c8 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 02:28:23.0246 0x08c8 NlaSvc - ok 02:28:23.0262 0x08c8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 02:28:23.0324 0x08c8 Npfs - ok 02:28:23.0340 0x08c8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 02:28:23.0402 0x08c8 nsi - ok 02:28:23.0433 0x08c8 [ 
E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 02:28:23.0480 0x08c8 nsiproxy - ok 02:28:23.0589 0x08c8 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 02:28:23.0652 0x08c8 Ntfs - ok 02:28:23.0714 0x08c8 [ 9A308FCDCCA98A15B6F62D36A272160E, 3991F70D42C1949067ED48CF4EB815E06360B077F6A2369AC76BF0892C3C33EE ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe 02:28:23.0745 0x08c8 NTI IScheduleSvc - ok 02:28:23.0777 0x08c8 [ EE3BA1024594D5D09E314F206B94069E, 34C8EC3DF1C3088D8A0442CAA4F5506665AFB2DF016709457ED2AB7DA45F53A6 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys 02:28:23.0808 0x08c8 NTIDrvr - ok 02:28:23.0823 0x08c8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 02:28:23.0917 0x08c8 Null - ok 02:28:23.0979 0x08c8 [ 1F07B814C0BB5AABA703ABFF1F31F2E8, 07F578686CAE0FAB5462B472A03DD1BC5DFE0D5DA6307895534CECC330C3D220 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 02:28:24.0026 0x08c8 NVHDA - ok 02:28:24.0494 0x08c8 [ B4402E1D61A3015FC29BEF94BB1C81FD, 5D82BD1B94521B1748FA9C542BDD18B5B362317E5EE89D21F6A74FC4D51E5DF8 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 02:28:25.0103 0x08c8 nvlddmkm - ok 02:28:25.0181 0x08c8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 02:28:25.0196 0x08c8 nvraid - ok 02:28:25.0212 0x08c8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 02:28:25.0243 0x08c8 nvstor - ok 02:28:25.0290 0x08c8 [ 3446574A40B1F355B9CE636FC49DA5F1, 694C634B1316D81D7937F66A87C310A34BA7165AD292CAE2F6F34AAEC67895D9 ] nvsvc 
C:\Windows\system32\nvvsvc.exe 02:28:25.0305 0x08c8 nvsvc - ok 02:28:25.0352 0x08c8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 02:28:25.0383 0x08c8 nv_agp - ok 02:28:25.0399 0x08c8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 02:28:25.0415 0x08c8 ohci1394 - ok 02:28:25.0477 0x08c8 [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 02:28:25.0493 0x08c8 ose - ok 02:28:25.0524 0x08c8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 02:28:25.0586 0x08c8 p2pimsvc - ok 02:28:25.0617 0x08c8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 02:28:25.0664 0x08c8 p2psvc - ok 02:28:25.0695 0x08c8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 02:28:25.0727 0x08c8 Parport - ok 02:28:25.0773 0x08c8 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 02:28:25.0789 0x08c8 partmgr - ok 02:28:25.0820 0x08c8 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 02:28:25.0851 0x08c8 PcaSvc - ok 02:28:25.0883 0x08c8 pccsmcfd - ok 02:28:25.0929 0x08c8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 02:28:25.0961 0x08c8 pci - ok 02:28:26.0007 0x08c8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, 
F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 02:28:26.0039 0x08c8 pciide - ok 02:28:26.0070 0x08c8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 02:28:26.0101 0x08c8 pcmcia - ok 02:28:26.0117 0x08c8 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 02:28:26.0132 0x08c8 pcw - ok 02:28:26.0163 0x08c8 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 02:28:26.0241 0x08c8 PEAUTH - ok 02:28:26.0335 0x08c8 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 02:28:26.0366 0x08c8 PerfHost - ok 02:28:26.0460 0x08c8 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 02:28:26.0585 0x08c8 pla - ok 02:28:26.0631 0x08c8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 02:28:26.0663 0x08c8 PlugPlay - ok 02:28:26.0725 0x08c8 [ 37F6046CDC630442D7DC087501FF6FC6, EFC0F3DA49839CA263CD95AE5015F4FC554D9D845A58A699C542C8C96E70ED3C ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 02:28:26.0772 0x08c8 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 02:28:29.0205 0x08c8 Detect skipped due to KSN trusted 02:28:29.0205 0x08c8 Pml Driver HPZ12 - ok 02:28:29.0237 0x08c8 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 02:28:29.0283 0x08c8 PNRPAutoReg - ok 02:28:29.0330 0x08c8 [ 3EAC4455472CC2C97107B5291E0DCAFE, 
E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 02:28:29.0346 0x08c8 PNRPsvc - ok 02:28:29.0408 0x08c8 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 02:28:29.0471 0x08c8 PolicyAgent - ok 02:28:29.0502 0x08c8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 02:28:29.0549 0x08c8 Power - ok 02:28:29.0611 0x08c8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 02:28:29.0705 0x08c8 PptpMiniport - ok 02:28:29.0720 0x08c8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys 02:28:29.0751 0x08c8 Processor - ok 02:28:29.0798 0x08c8 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll 02:28:29.0845 0x08c8 ProfSvc - ok 02:28:29.0861 0x08c8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe 02:28:29.0876 0x08c8 ProtectedStorage - ok 02:28:29.0954 0x08c8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 02:28:30.0017 0x08c8 Psched - ok 02:28:30.0079 0x08c8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 02:28:30.0157 0x08c8 ql2300 - ok 02:28:30.0173 0x08c8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 02:28:30.0188 0x08c8 ql40xx - ok 02:28:30.0219 
0x08c8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 02:28:30.0266 0x08c8 QWAVE - ok 02:28:30.0282 0x08c8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 02:28:30.0313 0x08c8 QWAVEdrv - ok 02:28:30.0344 0x08c8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 02:28:30.0375 0x08c8 RasAcd - ok 02:28:30.0422 0x08c8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 02:28:30.0485 0x08c8 RasAgileVpn - ok 02:28:30.0516 0x08c8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 02:28:30.0578 0x08c8 RasAuto - ok 02:28:30.0609 0x08c8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 02:28:30.0672 0x08c8 Rasl2tp - ok 02:28:30.0734 0x08c8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 02:28:30.0812 0x08c8 RasMan - ok 02:28:30.0843 0x08c8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 02:28:30.0890 0x08c8 RasPppoe - ok 02:28:30.0906 0x08c8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 02:28:30.0953 0x08c8 RasSstp - ok 02:28:30.0999 0x08c8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 
02:28:31.0077 0x08c8 rdbss - ok 02:28:31.0093 0x08c8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 02:28:31.0124 0x08c8 rdpbus - ok 02:28:31.0155 0x08c8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 02:28:31.0202 0x08c8 RDPCDD - ok 02:28:31.0233 0x08c8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 02:28:31.0296 0x08c8 RDPENCDD - ok 02:28:31.0311 0x08c8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 02:28:31.0389 0x08c8 RDPREFMP - ok 02:28:31.0452 0x08c8 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 02:28:31.0514 0x08c8 RdpVideoMiniport - ok 02:28:31.0561 0x08c8 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 02:28:31.0623 0x08c8 RDPWD - ok 02:28:31.0686 0x08c8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 02:28:31.0717 0x08c8 rdyboost - ok 02:28:31.0733 0x08c8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 02:28:31.0811 0x08c8 RemoteAccess - ok 02:28:31.0842 0x08c8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 02:28:31.0920 0x08c8 RemoteRegistry - ok 02:28:31.0920 0x08c8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 
665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 02:28:31.0982 0x08c8 RpcEptMapper - ok 02:28:32.0013 0x08c8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 02:28:32.0045 0x08c8 RpcLocator - ok 02:28:32.0123 0x08c8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 02:28:32.0185 0x08c8 RpcSs - ok 02:28:32.0216 0x08c8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 02:28:32.0279 0x08c8 rspndr - ok 02:28:32.0325 0x08c8 [ 763AE0C6D9DF4C24B7E2C26036A8188A, 1728D9BDF910324988B3D28459AB0A15C57CBBA79D2DFE377342DF3486BA9D48 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys 02:28:32.0341 0x08c8 RSUSBSTOR - ok 02:28:32.0357 0x08c8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe 02:28:32.0372 0x08c8 SamSs - ok 02:28:32.0419 0x08c8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 02:28:32.0466 0x08c8 sbp2port - ok 02:28:32.0497 0x08c8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 02:28:32.0559 0x08c8 SCardSvr - ok 02:28:32.0606 0x08c8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 02:28:32.0669 0x08c8 scfilter - ok 02:28:32.0731 0x08c8 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 02:28:32.0809 0x08c8 Schedule - ok 02:28:32.0856 0x08c8 [ 
02:28:45.0211 0x08c8 ================ Scan global ===============================
02:28:45.0414 0x08c8 [ Global ] - ok
02:28:45.0414 0x08c8 ================ Scan MBR ==================================
02:28:45.0429 0x08c8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
02:28:45.0960 0x08c8 \Device\Harddisk0\DR0 - ok
02:28:45.0960 0x08c8 ================ Scan VBR ==================================
02:28:45.0960 0x08c8 [ 477CD4308D9A40328F959569D6A06F3C ] \Device\Harddisk0\DR0\Partition1
02:28:46.0007 0x08c8 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
02:28:46.0007 0x08c8 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
02:28:48.0534 0x08c8 [ 303F3BE33FE5AB1188E7148F6BF9979A ] \Device\Harddisk0\DR0\Partition2
02:28:48.0581 0x08c8 \Device\Harddisk0\DR0\Partition2 - ok
02:28:48.0581 0x08c8 [ A44ABAD31CCA4A849EB1FEB45814184C ] \Device\Harddisk0\DR0\Partition3
02:28:48.0643 0x08c8 \Device\Harddisk0\DR0\Partition3 - ok
02:28:48.0674 0x08c8 [ A802F1F5B2E2D4B609B01522F36D6004 ] \Device\Harddisk0\DR0\Partition4
02:28:48.0705 0x08c8 \Device\Harddisk0\DR0\Partition4 - ok
02:28:48.0705 0x08c8 ================ Scan generic autorun ======================
02:28:48.0737 0x08c8 mwlDaemon - ok
02:28:49.0548 0x08c8 RtHDVCpl - ok
02:28:49.0563 0x08c8 SynTPEnh - ok
02:28:49.0688 0x08c8 Acer ePower Management - ok
02:28:49.0797 0x08c8 IAStorIcon - ok
02:28:49.0844 0x08c8 BackupManagerTray - ok
02:28:49.0938 0x08c8 LManager - ok
02:28:50.0047 0x08c8 EaseUs Watch - detected UnsignedFile.Multi.Generic ( 1 )
02:28:52.0574 0x08c8 Detect skipped due to KSN trusted
02:28:52.0574 0x08c8 EaseUs Watch - ok
02:28:52.0683 0x08c8 LVCOMS - detected UnsignedFile.Multi.Generic ( 1 )
02:28:55.0086 0x08c8 Detect skipped due to KSN trusted
02:28:55.0086 0x08c8 LVCOMS - ok
02:28:55.0195 0x08c8 FreePDF Assistant - detected UnsignedFile.Multi.Generic ( 1 )
02:28:57.0707 0x08c8 Detect skipped due to KSN trusted
02:28:57.0707 0x08c8 FreePDF Assistant - ok
02:28:57.0847 0x08c8 Adobe ARM - ok
02:28:57.0956 0x08c8 avgnt - ok
02:28:58.0019 0x08c8 Avira Systray - ok
02:28:58.0081 0x08c8 SunJavaUpdateSched - ok
02:28:58.0097 0x08c8 Waiting for KSN requests completion. In queue: 4
02:28:59.0111 0x08c8 Waiting for KSN requests completion. In queue: 4
02:29:00.0125 0x08c8 Waiting for KSN requests completion. In queue: 4
02:29:01.0170 0x08c8 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x41000 ( enabled : updated )
02:29:01.0185 0x08c8 Win FW state via NFP2: enabled
02:29:03.0619 0x08c8 ============================================================
02:29:03.0619 0x08c8 Scan finished
02:29:03.0619 0x08c8 ============================================================
02:29:03.0635 0x0f60 Detected object count: 1
02:29:03.0635 0x0f60 Actual detected object count: 1
02:29:30.0357 0x0f60 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
02:29:30.0357 0x0f60 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip |
27.08.2014, 16:14 | #12 |
/// the machine /// TB trainer | Start TDSSkiller.exe with a double-click. Vista and Win7 users: right-click and select "Run as administrator"
For example: C:\TDSSKiller.<version_date_time>log.txt Please post its contents here in your thread.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
28.08.2014, 01:59 | #13 |
| The disinfection with TDSSKiller seems to have been successful. Unfortunately, I was a bit too quick and ran a new scan right after the successful disinfection. This overwrote the log file of the disinfection. I am therefore posting the logs of the scans from before and after the disinfection. Before the disinfection with TDSSKiller: Code:
ATTFilter
02:18:09.0527 0x0960 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
02:18:14.0113 0x0960 ============================================================
02:18:14.0113 0x0960 Current date / time: 2014/08/28 02:18:14.0113
02:18:14.0113 0x0960 SystemInfo:
02:18:14.0113 0x0960
02:18:14.0113 0x0960 OS Version: 6.1.7601 ServicePack: 1.0
02:18:14.0113 0x0960 Product type: Workstation
02:18:14.0113 0x0960 ComputerName: MICHAEL-PC
02:18:14.0113 0x0960 UserName: Michael
02:18:14.0113 0x0960 Windows directory: C:\Windows
02:18:14.0113 0x0960 System windows directory: C:\Windows
02:18:14.0113 0x0960 Running under WOW64
02:18:14.0113 0x0960 Processor architecture: Intel x64
02:18:14.0113 0x0960 Number of processors: 4
02:18:14.0113 0x0960 Page size: 0x1000
02:18:14.0113 0x0960 Boot type: Normal boot
02:18:14.0113 0x0960 ============================================================
02:18:15.0361 0x0960 KLMD registered as C:\Windows\system32\drivers\74702736.sys
02:18:15.0860 0x0960 System UUID: {D34A57AE-E91A-2D6B-DE10-56FDF63470E2}
02:18:16.0422 0x0960 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
02:18:16.0438 0x0960 ============================================================
02:18:16.0438 0x0960 \Device\Harddisk0\DR0:
02:18:16.0438 0x0960 MBR partitions:
02:18:16.0438 0x0960 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
02:18:16.0438 0x0960 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x11B34B23
02:18:16.0453 0x0960 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x13567362, BlocksNum 0x938225D
02:18:16.0469 0x0960 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x1C8E95FE, BlocksNum 0x1DA9B643
02:18:16.0469 0x0960 ============================================================
02:18:16.0500 0x0960 C: <-> \Device\Harddisk0\DR0\Partition2
02:18:16.0516 0x0960 E: <-> \Device\Harddisk0\DR0\Partition3
02:18:16.0531 0x0960 F: <-> \Device\Harddisk0\DR0\Partition4
02:18:16.0531 0x0960 ============================================================
02:18:16.0531 0x0960 Initialize success
02:18:16.0531 0x0960 ============================================================
02:18:31.0570 0x0afc ============================================================
02:18:31.0570 0x0afc Scan started
02:18:31.0570 0x0afc Mode: Manual; SigCheck; TDLFS;
02:18:31.0570 0x0afc ============================================================
02:18:31.0570 0x0afc KSN ping started
02:18:31.0726 0x0afc KSN ping finished: false
02:18:32.0319 0x0afc ================ Scan system memory ========================
02:18:32.0319 0x0afc System memory - ok
02:18:32.0319 0x0afc ================ Scan services =============================
C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys 02:18:35.0361 0x0afc arc - ok 02:18:35.0376 0x0afc [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 02:18:35.0407 0x0afc arcsas - ok 02:18:35.0532 0x0afc [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 02:18:35.0579 0x0afc aspnet_state - ok 02:18:35.0610 0x0afc [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 02:18:35.0657 0x0afc AsyncMac - ok 02:18:35.0704 0x0afc [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 02:18:35.0719 0x0afc atapi - ok 02:18:35.0782 0x0afc [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 02:18:35.0875 0x0afc AudioEndpointBuilder - ok 02:18:35.0891 0x0afc [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll 02:18:35.0953 0x0afc AudioSrv - ok 02:18:36.0000 0x0afc [ 4663C5AD76FE8E19592DE808156FA07D, 605827B4A9D6930BC752D124BF75D55D4927B0ABEF881CDE66F3C5CC1DB215FE ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 02:18:36.0031 0x0afc avgntflt - ok 02:18:36.0078 0x0afc [ 8902AEC2382A37E9E99A4E0D52DBD42B, 138F2D7E7430132B2C527D413BC845CC467F084F39C232EC3A17DD2A74EE401E ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 02:18:36.0109 0x0afc avipbb - ok 02:18:36.0172 0x0afc [ A59D07E02A75EDC8FA141470C5EC96C3, A20416444B3C15F85651383F8D40F4F93400B1B78A60174A2AD3A6308836ED93 ] Avira.OE.ServiceHost C:\Program Files 
(x86)\Avira\My Avira\Avira.OE.ServiceHost.exe 02:18:36.0203 0x0afc Avira.OE.ServiceHost - ok 02:18:36.0250 0x0afc [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 02:18:36.0281 0x0afc avkmgr - ok 02:18:36.0343 0x0afc [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 02:18:36.0468 0x0afc AxInstSV - ok 02:18:36.0531 0x0afc [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 02:18:36.0593 0x0afc b06bdrv - ok 02:18:36.0624 0x0afc [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 02:18:36.0671 0x0afc b57nd60a - ok 02:18:36.0874 0x0afc [ 2D659B569A76CDB83B815675A80D7096, 8246BD350017B6CBADA4BBDBAB8B708B0A8F1AD5ADD4B2DE1BA610B4A188C262 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys 02:18:36.0999 0x0afc BCM43XX - ok 02:18:37.0045 0x0afc [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 02:18:37.0108 0x0afc BDESVC - ok 02:18:37.0123 0x0afc [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 02:18:37.0201 0x0afc Beep - ok 02:18:37.0295 0x0afc [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 02:18:37.0373 0x0afc BFE - ok 02:18:37.0451 0x0afc [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll 02:18:37.0545 0x0afc BITS - ok 02:18:37.0576 0x0afc [ 61583EE3C3A17003C4ACD0475646B4D3, 
17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 02:18:37.0623 0x0afc blbdrive - ok 02:18:37.0654 0x0afc [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 02:18:37.0701 0x0afc bowser - ok 02:18:37.0732 0x0afc [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 02:18:37.0810 0x0afc BrFiltLo - ok 02:18:37.0825 0x0afc [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 02:18:37.0888 0x0afc BrFiltUp - ok 02:18:37.0966 0x0afc [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 02:18:38.0044 0x0afc BridgeMP - ok 02:18:38.0106 0x0afc [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 02:18:38.0184 0x0afc Browser - ok 02:18:38.0215 0x0afc [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 02:18:38.0262 0x0afc Brserid - ok 02:18:38.0293 0x0afc [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 02:18:38.0340 0x0afc BrSerWdm - ok 02:18:38.0371 0x0afc [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 02:18:38.0418 0x0afc BrUsbMdm - ok 02:18:38.0434 0x0afc [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 02:18:38.0465 0x0afc 
BrUsbSer - ok 02:18:38.0481 0x0afc [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 02:18:38.0527 0x0afc BTHMODEM - ok 02:18:38.0559 0x0afc [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 02:18:38.0652 0x0afc bthserv - ok 02:18:38.0699 0x0afc catchme - ok 02:18:38.0730 0x0afc [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 02:18:38.0839 0x0afc cdfs - ok 02:18:38.0886 0x0afc [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 02:18:38.0933 0x0afc cdrom - ok 02:18:38.0980 0x0afc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 02:18:39.0058 0x0afc CertPropSvc - ok 02:18:39.0089 0x0afc [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 02:18:39.0120 0x0afc circlass - ok 02:18:39.0183 0x0afc [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 02:18:39.0214 0x0afc CLFS - ok 02:18:39.0261 0x0afc [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 02:18:39.0307 0x0afc clr_optimization_v2.0.50727_32 - ok 02:18:39.0354 0x0afc [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 02:18:39.0385 0x0afc clr_optimization_v2.0.50727_64 - 
ok 02:18:39.0448 0x0afc [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 02:18:39.0588 0x0afc clr_optimization_v4.0.30319_32 - ok 02:18:39.0604 0x0afc [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 02:18:39.0666 0x0afc clr_optimization_v4.0.30319_64 - ok 02:18:39.0697 0x0afc [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 02:18:39.0729 0x0afc CmBatt - ok 02:18:39.0775 0x0afc [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 02:18:39.0791 0x0afc cmdide - ok 02:18:39.0869 0x0afc [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys 02:18:39.0916 0x0afc CNG - ok 02:18:39.0963 0x0afc [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 02:18:39.0978 0x0afc Compbatt - ok 02:18:40.0025 0x0afc [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 02:18:40.0087 0x0afc CompositeBus - ok 02:18:40.0103 0x0afc COMSysApp - ok 02:18:40.0119 0x0afc [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 02:18:40.0134 0x0afc crcdisk - ok 02:18:40.0197 0x0afc [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll 02:18:40.0275 
0x0afc CryptSvc - ok 02:18:40.0337 0x0afc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 02:18:40.0399 0x0afc DcomLaunch - ok 02:18:40.0446 0x0afc [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 02:18:40.0524 0x0afc defragsvc - ok 02:18:40.0571 0x0afc [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 02:18:40.0680 0x0afc DfsC - ok 02:18:40.0743 0x0afc [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 02:18:40.0789 0x0afc Dhcp - ok 02:18:40.0821 0x0afc [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 02:18:40.0914 0x0afc discache - ok 02:18:40.0945 0x0afc [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys 02:18:40.0961 0x0afc Disk - ok 02:18:41.0008 0x0afc [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 02:18:41.0070 0x0afc Dnscache - ok 02:18:41.0117 0x0afc [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 02:18:41.0195 0x0afc dot3svc - ok 02:18:41.0273 0x0afc [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys 02:18:41.0335 0x0afc Dot4 - ok 02:18:41.0367 0x0afc [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys 
02:18:41.0413 0x0afc Dot4Print - ok 02:18:41.0429 0x0afc [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys 02:18:41.0476 0x0afc dot4usb - ok 02:18:41.0523 0x0afc [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 02:18:41.0585 0x0afc DPS - ok 02:18:41.0632 0x0afc [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 02:18:41.0679 0x0afc drmkaud - ok 02:18:41.0757 0x0afc [ 1FCA854CEDFC2CCD0C22E46EA4EA18F1, 3508547FCE3B6ACA34511BB2C50A375E3894EBFAC656B9D1C82EA8439EFD8846 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe 02:18:41.0788 0x0afc DsiWMIService - ok 02:18:41.0866 0x0afc [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 02:18:41.0913 0x0afc DXGKrnl - ok 02:18:41.0959 0x0afc [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 02:18:42.0022 0x0afc EapHost - ok 02:18:42.0115 0x0afc [ 2EA8CCC4AF7D9223DD397D8CCB636F5D, DCC2D68DC50703C34021583884901C93179226E57FE91CD75F77CE6C69099B30 ] EASEUS Agent C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\Agent.exe 02:18:42.0162 0x0afc EASEUS Agent - detected UnsignedFile.Multi.Generic ( 1 ) 02:18:42.0256 0x0afc EASEUS Agent ( UnsignedFile.Multi.Generic ) - warning 02:18:42.0412 0x0afc [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 02:18:42.0646 0x0afc ebdrv - ok 02:18:42.0677 0x0afc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe 02:18:42.0724 0x0afc EFS - 
ok 02:18:42.0817 0x0afc [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 02:18:42.0895 0x0afc ehRecvr - ok 02:18:42.0927 0x0afc [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 02:18:42.0973 0x0afc ehSched - ok 02:18:43.0020 0x0afc [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 02:18:43.0051 0x0afc elxstor - ok 02:18:43.0083 0x0afc [ 9EAFB3B3B60B8AD958985152A9309ACA, EC58F487D50A125DA3F747670282EA2104580CCAAF709EA494B61C7549576AE6 ] epmntdrv C:\Windows\system32\epmntdrv.sys 02:18:43.0114 0x0afc epmntdrv - detected UnsignedFile.Multi.Generic ( 1 ) 02:18:43.0114 0x0afc epmntdrv ( UnsignedFile.Multi.Generic ) - warning 02:18:43.0207 0x0afc [ 3EA2C4F68A782839D97B3C83595575B6, D4C3BFD0B6817B73BE9F2378FA946BD1C213A4FB9EB3F7D2C79E9B6D9F895106 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe 02:18:43.0254 0x0afc ePowerSvc - ok 02:18:43.0301 0x0afc [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 02:18:43.0332 0x0afc ErrDev - ok 02:18:43.0363 0x0afc [ 74A88F4B1F22F394E27792A0195505D1, 497E3281A29F5F3E1DB4B186E5EF73AE68DDC62CDF0B516DABF113D41AE68E19 ] EUBAKUP C:\Windows\system32\drivers\eubakup.sys 02:18:43.0379 0x0afc EUBAKUP - detected UnsignedFile.Multi.Generic ( 1 ) 02:18:43.0379 0x0afc EUBAKUP ( UnsignedFile.Multi.Generic ) - warning 02:18:43.0410 0x0afc [ A25BED567EA531F27CC87FD5B331BB02, 5C6ED7F09F4FE208B10C0674A1915C23B53642E952ED4A59ABBA1436F1795395 ] EuDisk C:\Windows\system32\DRIVERS\EuDisk.sys 02:18:43.0457 0x0afc EuDisk - detected UnsignedFile.Multi.Generic ( 1 ) 02:18:43.0457 0x0afc EuDisk ( UnsignedFile.Multi.Generic ) - warning 02:18:43.0473 0x0afc [ 
5A720EACFE8DB9D8D28C691C09269A58, 0EFF1E37808AF410C64DED1A353109F44E3B207F286D284B1D6B36C511DBCAAE ] EUDSKACS C:\Windows\system32\drivers\eudskacs.sys 02:18:43.0504 0x0afc EUDSKACS - detected UnsignedFile.Multi.Generic ( 1 ) 02:18:43.0504 0x0afc EUDSKACS ( UnsignedFile.Multi.Generic ) - warning 02:18:43.0504 0x0afc Force sending object to P2P due to detect: EUDSKACS 02:18:43.0504 0x0afc Object send P2P result: false 02:18:43.0519 0x0afc [ 84F2D1D52BB527A8477B2DB2C220DD0D, EB2C909C3ED62EF20DAE3972D2896055840B0FAB7379F90B069EB20CB224F5AF ] EUFS C:\Windows\system32\drivers\eufs.sys 02:18:43.0551 0x0afc EUFS - detected UnsignedFile.Multi.Generic ( 1 ) 02:18:43.0551 0x0afc EUFS ( UnsignedFile.Multi.Generic ) - warning 02:18:43.0613 0x0afc [ FB949ED2C93C878A189039F3D7730942, 857AFB9965F14C80C21948C05A44D37948BD206961101DFF087735D6A7CCAA8A ] EuGdiDrv C:\Windows\system32\EuGdiDrv.sys 02:18:43.0660 0x0afc EuGdiDrv - detected UnsignedFile.Multi.Generic ( 1 ) 02:18:43.0660 0x0afc EuGdiDrv ( UnsignedFile.Multi.Generic ) - warning 02:18:43.0707 0x0afc [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 02:18:43.0785 0x0afc EventSystem - ok 02:18:43.0800 0x0afc [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 02:18:43.0863 0x0afc exfat - ok 02:18:43.0894 0x0afc [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 02:18:43.0987 0x0afc fastfat - ok 02:18:44.0050 0x0afc [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 02:18:44.0112 0x0afc Fax - ok 02:18:44.0128 0x0afc [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 
02:18:44.0175 0x0afc fdc - ok 02:18:44.0206 0x0afc [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 02:18:44.0268 0x0afc fdPHost - ok 02:18:44.0284 0x0afc [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 02:18:44.0346 0x0afc FDResPub - ok 02:18:44.0377 0x0afc [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 02:18:44.0377 0x0afc FileInfo - ok 02:18:44.0393 0x0afc [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 02:18:44.0455 0x0afc Filetrace - ok 02:18:44.0549 0x0afc [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 02:18:44.0611 0x0afc FLEXnet Licensing Service - ok 02:18:44.0627 0x0afc [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 02:18:44.0658 0x0afc flpydisk - ok 02:18:44.0689 0x0afc [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 02:18:44.0721 0x0afc FltMgr - ok 02:18:44.0799 0x0afc [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 02:18:44.0908 0x0afc FontCache - ok 02:18:44.0970 0x0afc [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 02:18:44.0986 0x0afc 
FontCache3.0.0.0 - ok 02:18:45.0017 0x0afc [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 02:18:45.0033 0x0afc FsDepends - ok 02:18:45.0111 0x0afc [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 02:18:45.0142 0x0afc Fs_Rec - ok 02:18:45.0173 0x0afc [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 02:18:45.0204 0x0afc fvevol - ok 02:18:45.0235 0x0afc [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 02:18:45.0251 0x0afc gagp30kx - ok 02:18:45.0329 0x0afc [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 02:18:45.0407 0x0afc gpsvc - ok 02:18:45.0469 0x0afc [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe 02:18:45.0501 0x0afc GREGService - ok 02:18:45.0516 0x0afc [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 02:18:45.0563 0x0afc hcw85cir - ok 02:18:45.0641 0x0afc [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 02:18:45.0688 0x0afc HdAudAddService - ok 02:18:45.0719 0x0afc [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 02:18:45.0750 0x0afc HDAudBus - ok 02:18:45.0781 0x0afc [ B6AC71AAA2B10848F57FC49D55A651AF, 
4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 02:18:45.0828 0x0afc HECIx64 - ok 02:18:45.0844 0x0afc [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 02:18:45.0891 0x0afc HidBatt - ok 02:18:45.0906 0x0afc [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 02:18:45.0953 0x0afc HidBth - ok 02:18:45.0969 0x0afc [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 02:18:46.0015 0x0afc HidIr - ok 02:18:46.0047 0x0afc [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll 02:18:46.0125 0x0afc hidserv - ok 02:18:46.0187 0x0afc [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 02:18:46.0234 0x0afc HidUsb - ok 02:18:46.0281 0x0afc [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 02:18:46.0359 0x0afc hkmsvc - ok 02:18:46.0405 0x0afc [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 02:18:46.0499 0x0afc HomeGroupListener - ok 02:18:46.0530 0x0afc [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 02:18:46.0577 0x0afc HomeGroupProvider - ok 02:18:46.0608 0x0afc [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 02:18:46.0639 0x0afc HpSAMD - ok 
02:18:46.0717 0x0afc [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 02:18:46.0811 0x0afc HTTP - ok 02:18:46.0827 0x0afc [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 02:18:46.0842 0x0afc hwpolicy - ok 02:18:46.0889 0x0afc [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 02:18:46.0936 0x0afc i8042prt - ok 02:18:47.0139 0x0afc [ 1384872112E8E7FD5786ECEB8BDDF4C9, DC7844691740805A94F2901F8CB56F1591AF4F0F9C6D92D6B8595F89E6FA5F02 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 02:18:47.0232 0x0afc iaStor - ok 02:18:47.0560 0x0afc [ 6B24D1C3096DE796D15571079EA5E98C, 89566A7BDEDA7A663110F72B6301998651937E1E3E541EAB054169CEC8C7353F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 02:18:47.0622 0x0afc IAStorDataMgrSvc - ok 02:18:47.0825 0x0afc [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 02:18:48.0043 0x0afc iaStorV - ok 02:18:48.0168 0x0afc [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 02:18:48.0293 0x0afc idsvc - ok 02:18:48.0340 0x0afc IEEtwCollectorService - ok 02:18:48.0402 0x0afc [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 02:18:48.0449 0x0afc iirsp - ok 02:18:48.0589 0x0afc [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 02:18:48.0667 0x0afc IKEEXT - ok 02:18:48.0839 
02:18:54.0642 0x0afc Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
02:18:54.0642 0x0afc Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
02:18:58.0776 0x0afc Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
02:18:58.0776 0x0afc Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 02:19:06.0935 0x0afc TrkWks - ok 02:19:06.0982 0x0afc [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 02:19:07.0075 0x0afc TrustedInstaller - ok 02:19:07.0107 0x0afc [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 02:19:07.0153 0x0afc tssecsrv - ok 02:19:07.0200 0x0afc [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 02:19:07.0278 0x0afc TsUsbFlt - ok 02:19:07.0341 0x0afc [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 02:19:07.0419 0x0afc tunnel - ok 02:19:07.0450 0x0afc [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 02:19:07.0481 0x0afc uagp35 - ok 02:19:07.0512 0x0afc [ A17D5E1A6DF4EAB0A480F2C490DE4C9D, 1EA835F172B6BF3D7F496E079DF1CDF00122B2110C08D61427582BC9405D2B7B ] UBHelper C:\Windows\system32\drivers\UBHelper.sys 02:19:07.0528 0x0afc UBHelper - ok 02:19:07.0575 0x0afc [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 02:19:07.0653 0x0afc udfs - ok 02:19:07.0684 0x0afc [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 02:19:07.0731 0x0afc UI0Detect - ok 02:19:07.0777 0x0afc [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 02:19:07.0793 0x0afc 
uliagpkx - ok 02:19:07.0840 0x0afc [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 02:19:07.0902 0x0afc umbus - ok 02:19:07.0965 0x0afc [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 02:19:08.0027 0x0afc UmPass - ok 02:19:08.0401 0x0afc [ 7466809E6DA561D60C2F1CE8EDE3C73F, A3185049282A51B17C3DA839AF7E90F1CD395B2FB5587514EB2D65CB22854E2C ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 02:19:08.0651 0x0afc UNS - ok 02:19:08.0729 0x0afc [ F9EC9ACD504D823D9B9CA98A4F8D3CA2, 58DAD5111C598F14CB199FE6A61FA5918F29513B778A8664FD05EFAB3C665D4F ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe 02:19:08.0760 0x0afc Updater Service - ok 02:19:08.0823 0x0afc [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 02:19:08.0916 0x0afc upnphost - ok 02:19:08.0947 0x0afc [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 02:19:09.0010 0x0afc usbccgp - ok 02:19:09.0072 0x0afc [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 02:19:09.0150 0x0afc usbcir - ok 02:19:09.0181 0x0afc [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 02:19:09.0228 0x0afc usbehci - ok 02:19:09.0275 0x0afc [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 02:19:09.0337 0x0afc usbhub - ok 02:19:09.0384 0x0afc [ 765A92D428A8DB88B960DA5A8D6089DC, 
56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys 02:19:09.0431 0x0afc usbohci - ok 02:19:09.0462 0x0afc [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 02:19:09.0525 0x0afc usbprint - ok 02:19:09.0571 0x0afc [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\drivers\usbscan.sys 02:19:09.0634 0x0afc usbscan - ok 02:19:09.0665 0x0afc [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser C:\Windows\system32\drivers\usbser.sys 02:19:09.0727 0x0afc usbser - ok 02:19:09.0790 0x0afc [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 02:19:09.0852 0x0afc USBSTOR - ok 02:19:09.0883 0x0afc [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 02:19:09.0915 0x0afc usbuhci - ok 02:19:10.0008 0x0afc [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 02:19:10.0071 0x0afc usbvideo - ok 02:19:10.0102 0x0afc [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 02:19:10.0164 0x0afc UxSms - ok 02:19:10.0180 0x0afc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe 02:19:10.0195 0x0afc VaultSvc - ok 02:19:10.0258 0x0afc [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 02:19:10.0258 0x0afc vdrvroot - ok 
02:19:10.0336 0x0afc [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 02:19:10.0429 0x0afc vds - ok 02:19:10.0476 0x0afc [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 02:19:10.0492 0x0afc vga - ok 02:19:10.0507 0x0afc [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 02:19:10.0554 0x0afc VgaSave - ok 02:19:10.0585 0x0afc [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 02:19:10.0617 0x0afc vhdmp - ok 02:19:10.0663 0x0afc [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 02:19:10.0695 0x0afc viaide - ok 02:19:10.0757 0x0afc [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 02:19:10.0788 0x0afc volmgr - ok 02:19:10.0835 0x0afc [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 02:19:10.0866 0x0afc volmgrx - ok 02:19:10.0882 0x0afc [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 02:19:10.0897 0x0afc volsnap - ok 02:19:10.0944 0x0afc [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 02:19:10.0975 0x0afc vsmraid - ok 02:19:11.0256 0x0afc [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 02:19:11.0506 0x0afc VSS - ok 
02:19:11.0537 0x0afc [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 02:19:11.0584 0x0afc vwifibus - ok 02:19:11.0631 0x0afc [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 02:19:11.0662 0x0afc vwififlt - ok 02:19:11.0677 0x0afc [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 02:19:11.0709 0x0afc vwifimp - ok 02:19:11.0818 0x0afc [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 02:19:11.0896 0x0afc W32Time - ok 02:19:11.0911 0x0afc [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 02:19:11.0943 0x0afc WacomPen - ok 02:19:12.0005 0x0afc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 02:19:12.0083 0x0afc WANARP - ok 02:19:12.0099 0x0afc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 02:19:12.0130 0x0afc Wanarpv6 - ok 02:19:12.0255 0x0afc [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 02:19:12.0379 0x0afc wbengine - ok 02:19:12.0411 0x0afc [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 02:19:12.0442 0x0afc WbioSrvc - ok 02:19:12.0504 0x0afc [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc 
C:\Windows\System32\wcncsvc.dll 02:19:12.0567 0x0afc wcncsvc - ok 02:19:12.0598 0x0afc [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 02:19:12.0707 0x0afc WcsPlugInService - ok 02:19:12.0723 0x0afc [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 02:19:12.0769 0x0afc Wd - ok 02:19:12.0863 0x0afc [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 02:19:12.0925 0x0afc Wdf01000 - ok 02:19:12.0941 0x0afc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 02:19:13.0066 0x0afc WdiServiceHost - ok 02:19:13.0081 0x0afc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 02:19:13.0113 0x0afc WdiSystemHost - ok 02:19:13.0191 0x0afc [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 02:19:13.0253 0x0afc WebClient - ok 02:19:13.0284 0x0afc [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 02:19:13.0362 0x0afc Wecsvc - ok 02:19:13.0393 0x0afc [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 02:19:13.0456 0x0afc wercplsupport - ok 02:19:13.0518 0x0afc [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 02:19:13.0596 0x0afc WerSvc - ok 02:19:13.0924 0x0afc [ 611B23304BF067451A9FDEE01FBDD725, 
0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 02:19:13.0986 0x0afc WfpLwf - ok 02:19:13.0986 0x0afc [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 02:19:14.0017 0x0afc WIMMount - ok 02:19:14.0049 0x0afc WinDefend - ok 02:19:14.0064 0x0afc WinHttpAutoProxySvc - ok 02:19:14.0127 0x0afc [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 02:19:14.0220 0x0afc Winmgmt - ok 02:19:14.0376 0x0afc [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 02:19:14.0688 0x0afc WinRM - ok 02:19:14.0782 0x0afc [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 02:19:14.0813 0x0afc WinUsb - ok 02:19:14.0953 0x0afc [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 02:19:15.0016 0x0afc Wlansvc - ok 02:19:15.0250 0x0afc [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 02:19:15.0343 0x0afc wlidsvc - ok 02:19:15.0390 0x0afc [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 02:19:15.0421 0x0afc WmiAcpi - ok 02:19:15.0468 0x0afc [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 02:19:15.0515 0x0afc wmiApSrv - ok 02:19:15.0546 0x0afc WMPNetworkSvc - ok 02:19:15.0562 0x0afc [ 96C6E7100D724C69FCF9E7BF590D1DCA, 
2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 02:19:15.0624 0x0afc WPCSvc - ok 02:19:15.0655 0x0afc [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 02:19:15.0718 0x0afc WPDBusEnum - ok 02:19:15.0749 0x0afc [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 02:19:15.0858 0x0afc ws2ifsl - ok 02:19:15.0889 0x0afc [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll 02:19:15.0921 0x0afc wscsvc - ok 02:19:15.0921 0x0afc WSearch - ok 02:19:16.0139 0x0afc [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 02:19:16.0342 0x0afc wuauserv - ok 02:19:16.0389 0x0afc [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 02:19:16.0513 0x0afc WudfPf - ok 02:19:16.0545 0x0afc [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 02:19:16.0591 0x0afc WUDFRd - ok 02:19:16.0607 0x0afc [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 02:19:16.0638 0x0afc wudfsvc - ok 02:19:16.0950 0x0afc [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 02:19:17.0122 0x0afc WwanSvc - ok 02:19:17.0200 0x0afc [ BCD008C9FC4B57C107CBCFC3E77B58BA, 3FB91B79A1D8B60859D9FB96F7207E678836183F0D2193FF6F44CD6F12D99F06 ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys 02:19:17.0231 0x0afc ZTEusbmdm6k - ok 
02:19:17.0278 0x0afc [ 9E74E0D096F8023A68A262A012153182, 133EE39960D9F9E7A24566B5784E8E247ABC0F127CAC7AFA1CF5A4E2C9CC7A9F ] ZTEusbnet C:\Windows\system32\DRIVERS\ZTEusbnet.sys
02:19:17.0356 0x0afc ZTEusbnet - ok
02:19:17.0418 0x0afc [ BCD008C9FC4B57C107CBCFC3E77B58BA, 3FB91B79A1D8B60859D9FB96F7207E678836183F0D2193FF6F44CD6F12D99F06 ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
02:19:17.0434 0x0afc ZTEusbnmea - ok
02:19:17.0481 0x0afc [ BCD008C9FC4B57C107CBCFC3E77B58BA, 3FB91B79A1D8B60859D9FB96F7207E678836183F0D2193FF6F44CD6F12D99F06 ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
02:19:17.0512 0x0afc ZTEusbser6k - ok
02:19:17.0574 0x0afc [ BCD008C9FC4B57C107CBCFC3E77B58BA, 3FB91B79A1D8B60859D9FB96F7207E678836183F0D2193FF6F44CD6F12D99F06 ] ZTEusbvoice C:\Windows\system32\DRIVERS\ZTEusbvoice.sys
02:19:17.0590 0x0afc ZTEusbvoice - ok
02:19:17.0605 0x0afc ================ Scan global ===============================
02:19:17.0637 0x0afc [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
02:19:17.0699 0x0afc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
02:19:17.0777 0x0afc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
02:19:17.0808 0x0afc [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
02:19:17.0886 0x0afc [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
02:19:17.0902 0x0afc [ Global ] - ok
02:19:17.0902 0x0afc ================ Scan MBR ==================================
02:19:17.0917 0x0afc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
02:19:18.0635 0x0afc \Device\Harddisk0\DR0 - ok
02:19:18.0635 0x0afc ================ Scan VBR ==================================
02:19:18.0651 0x0afc [ 477CD4308D9A40328F959569D6A06F3C ] \Device\Harddisk0\DR0\Partition1
02:19:18.0682 0x0afc \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
02:19:18.0682 0x0afc \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
02:19:18.0713 0x0afc [ 303F3BE33FE5AB1188E7148F6BF9979A ] \Device\Harddisk0\DR0\Partition2
02:19:18.0744 0x0afc \Device\Harddisk0\DR0\Partition2 - ok
02:19:18.0744 0x0afc [ A44ABAD31CCA4A849EB1FEB45814184C ] \Device\Harddisk0\DR0\Partition3
02:19:18.0822 0x0afc \Device\Harddisk0\DR0\Partition3 - ok
02:19:18.0853 0x0afc [ A802F1F5B2E2D4B609B01522F36D6004 ] \Device\Harddisk0\DR0\Partition4
02:19:18.0931 0x0afc \Device\Harddisk0\DR0\Partition4 - ok
02:19:18.0931 0x0afc ================ Scan generic autorun ======================
02:19:18.0947 0x0afc mwlDaemon - ok
02:19:19.0462 0x0afc [ 8CB8E0C93C5459B45BE1FA628FB0D761, F06830359F11515BA1CA5EC061F5B254E5A4676FBEC8AFAC23B56BB413B7E63F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
02:19:19.0821 0x0afc RtHDVCpl - ok
02:19:19.0821 0x0afc SynTPEnh - ok
02:19:19.0914 0x0afc [ 147B96A5AEA8CEF3A34D8E378EAAA9B2, AC60E8184AC0DF277C26617AAD06F13A315B459AE47D9093161FB3DD652195B1 ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
02:19:19.0945 0x0afc Acer ePower Management - ok
02:19:20.0008 0x0afc [ 9ECF375A6E4E74D056F4B54E76D58721, 29C89504C369CC40BC6BEDE965F52736CB01FA70644059392C912FFB35C4ED0A ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
02:19:20.0039 0x0afc IAStorIcon - ok
02:19:20.0070 0x0afc [ 94F80155B91B8DF7A0EAD527C853D377, 3E35B686DB526592F2ABF4B3E6EAACE1E784A5552C1CE074E85661388E66C153 ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
02:19:20.0101 0x0afc BackupManagerTray - ok
02:19:20.0179 0x0afc [ 5A5BF95C7410E96E04C57B06232E9965, 942CBC854CC7A729AAADE2C4E96CA20EF488701F4FA200D0FC8CEF3D35E90EF1 ] C:\Program Files (x86)\Launch Manager\LManager.exe
02:19:20.0211 0x0afc LManager - ok
02:19:20.0289 0x0afc [ A62C1C03713584382E5C8860D650F2C9, 456F34F09086809F8BA63C65EB3A99D91DD59CEADCDA478371E83A2C18F9E9C0 ] C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\EuWatch.exe
02:19:20.0320 0x0afc EaseUs Watch - detected UnsignedFile.Multi.Generic ( 1 )
02:19:20.0320 0x0afc EaseUs Watch ( UnsignedFile.Multi.Generic ) - warning
02:19:20.0382 0x0afc [ 574B0C1A95D1EA0FBA1CA700CE83E7B9, 9E6568706BD66F700C24618E208B95B0015AA26872B4337C96A83415676A031F ] C:\Program Files (x86)\Common Files\Logitech\QCDriver3\LVCOMS.EXE
02:19:20.0398 0x0afc LVCOMS - detected UnsignedFile.Multi.Generic ( 1 )
02:19:20.0398 0x0afc LVCOMS ( UnsignedFile.Multi.Generic ) - warning
02:19:20.0460 0x0afc [ 12E54BDE520DC85A611D7245DF44BCE5, 8F90F71AC97CE47D6A4F3491A48E3F857E8DEFD51E2DFDD528666AFC592E3B4E ] C:\Program Files (x86)\FreePDF_XP\fpassist.exe
02:19:20.0476 0x0afc FreePDF Assistant - detected UnsignedFile.Multi.Generic ( 1 )
02:19:20.0476 0x0afc FreePDF Assistant ( UnsignedFile.Multi.Generic ) - warning
02:19:20.0476 0x0afc Force sending object to P2P due to detect: C:\Program Files (x86)\FreePDF_XP\fpassist.exe
02:19:20.0476 0x0afc Object send P2P result: false
02:19:20.0569 0x0afc [ B63E5C7807334A3A8F731062F15462CC, F4E501F749C10C44E8F501A34D8DD309892968BE70DA17734267BBCDDC351444 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
02:19:20.0601 0x0afc Adobe ARM - ok
02:19:20.0710 0x0afc [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
02:19:20.0725 0x0afc avgnt - ok
02:19:20.0757 0x0afc [ 51DAD159BD771681B67593B9B8289A45, 40A7277819C2D7BCA10D22DC2F443F986DF04E777D3A4A0C89CC0991B020607C ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
02:19:20.0772 0x0afc Avira Systray - ok
02:19:20.0819 0x0afc [ BE3F6956EF8FEF4AAD1F67334C406839, 606A5A6309259D89AFA9E17EA248EE63F044E371EB038812FC7CF40F1E03BCA4 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
02:19:20.0850 0x0afc SunJavaUpdateSched - ok
02:19:20.0913 0x0afc AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x40000 ( disabled : updated )
02:19:20.0975 0x0afc Win FW state via NFP2: enabled
02:19:20.0975 0x0afc ============================================================
02:19:20.0975 0x0afc Scan finished
02:19:20.0975 0x0afc ============================================================
02:19:20.0991 0x04b4 Detected object count: 13
02:19:20.0991 0x04b4 Actual detected object count: 13
02:19:56.0465 0x04b4 EASEUS Agent ( UnsignedFile.Multi.Generic ) - skipped by user
02:19:56.0465 0x04b4 EASEUS Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:19:56.0465 0x04b4 epmntdrv ( UnsignedFile.Multi.Generic ) - skipped by user
02:19:56.0465 0x04b4 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:19:56.0465 0x04b4 EUBAKUP ( UnsignedFile.Multi.Generic ) - skipped by user
02:19:56.0465 0x04b4 EUBAKUP ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:19:56.0465 0x04b4 EuDisk ( UnsignedFile.Multi.Generic ) - skipped by user
02:19:56.0465 0x04b4 EuDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:19:56.0465 0x04b4 EUDSKACS ( UnsignedFile.Multi.Generic ) - skipped by user
02:19:56.0465 0x04b4 EUDSKACS ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:19:56.0465 0x04b4 EUFS ( UnsignedFile.Multi.Generic ) - skipped by user
02:19:56.0465 0x04b4 EUFS ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:19:56.0481 0x04b4 EuGdiDrv ( UnsignedFile.Multi.Generic ) - skipped by user
02:19:56.0481 0x04b4 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:19:56.0481 0x04b4 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
02:19:56.0481 0x04b4 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:19:56.0481 0x04b4 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
02:19:56.0481 0x04b4 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:19:56.0559 0x04b4 \Device\Harddisk0\DR0\Partition1 - copied to quarantine
02:19:56.0590 0x04b4 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
02:19:56.0621 0x04b4 \Device\Harddisk0\DR0\Partition1 - ok
02:19:56.0621 0x04b4 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
02:19:56.0621 0x04b4 EaseUs Watch ( UnsignedFile.Multi.Generic ) - skipped by user
02:19:56.0621 0x04b4 EaseUs Watch ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:19:56.0621 0x04b4 LVCOMS ( UnsignedFile.Multi.Generic ) - skipped by user
02:19:56.0621 0x04b4 LVCOMS ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:19:56.0621 0x04b4 FreePDF Assistant ( UnsignedFile.Multi.Generic ) - skipped by user
02:19:56.0621 0x04b4 FreePDF Assistant ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:19:56.0699 0x04b4 KLMD registered as C:\Windows\system32\drivers\16510122.sys
02:21:18.0396 0x0ebc Deinitialize success
28.08.2014, 01:59 | #14 |
| Win7: After a careless click on "updateflashplayer.***.exe", iexplore.exe loads by itself
After the disinfection with TDSSKiller: Code:
ATTFilter
02:27:38.0704 0x0d70 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
02:27:38.0767 0x0d70 ============================================================
02:27:38.0767 0x0d70 Current date / time: 2014/08/28 02:27:38.0767
02:27:38.0767 0x0d70 SystemInfo:
02:27:38.0767 0x0d70
02:27:38.0767 0x0d70 OS Version: 6.1.7601 ServicePack: 1.0
02:27:38.0767 0x0d70 Product type: Workstation
02:27:38.0767 0x0d70 ComputerName: MICHAEL-PC
02:27:38.0767 0x0d70 UserName: Michael
02:27:38.0767 0x0d70 Windows directory: C:\Windows
02:27:38.0767 0x0d70 System windows directory: C:\Windows
02:27:38.0767 0x0d70 Running under WOW64
02:27:38.0767 0x0d70 Processor architecture: Intel x64
02:27:38.0767 0x0d70 Number of processors: 4
02:27:38.0767 0x0d70 Page size: 0x1000
02:27:38.0767 0x0d70 Boot type: Normal boot
02:27:38.0767 0x0d70 ============================================================
02:27:38.0767 0x0d70 BG loaded
02:27:39.0547 0x0d70 System UUID: {D34A57AE-E91A-2D6B-DE10-56FDF63470E2}
02:27:45.0990 0x0d70 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
02:27:46.0114 0x0d70 ============================================================
02:27:46.0114 0x0d70 \Device\Harddisk0\DR0:
02:27:46.0146 0x0d70 MBR partitions:
02:27:46.0146 0x0d70 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
02:27:46.0146 0x0d70 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x11B34B23
02:27:47.0129 0x0d70 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x13567362, BlocksNum 0x938225D
02:27:47.0862 0x0d70 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x1C8E95FE, BlocksNum 0x1DA9B643
02:27:47.0862 0x0d70 ============================================================
02:27:48.0127 0x0d70 C: <-> \Device\Harddisk0\DR0\Partition2
02:27:49.0547 0x0d70 E: <-> \Device\Harddisk0\DR0\Partition3
02:27:52.0027 0x0d70 F: <-> \Device\Harddisk0\DR0\Partition4
02:27:52.0027 0x0d70 ============================================================
02:27:52.0027 0x0d70 Initialize success
02:27:52.0027 0x0d70 ============================================================
02:29:06.0642 0x10b4 ============================================================
02:29:06.0642 0x10b4 Scan started
02:29:06.0642 0x10b4 Mode: Manual; SigCheck; TDLFS;
02:29:06.0642 0x10b4 ============================================================
02:29:06.0642 0x10b4 KSN ping started
02:29:06.0689 0x10b4 KSN ping finished: false
02:29:07.0827 0x10b4 ================ Scan system memory ========================
02:29:07.0827 0x10b4 System memory - ok
02:29:07.0827 0x10b4 ================ Scan services =============================
02:29:08.0061 0x10b4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
02:29:08.0202 0x10b4 1394ohci - ok
02:29:08.0249 0x10b4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
02:29:08.0264 0x10b4 ACPI - ok
02:29:08.0295 0x10b4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
02:29:08.0389 0x10b4 AcpiPmi - ok
02:29:08.0514 0x10b4 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A, F419E159D3E428A3929A1A983142E7B0783D3F104EE9587585418E51011E4B8F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
02:29:08.0545 0x10b4 AdobeARMservice - ok
02:29:08.0592 0x10b4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
02:29:08.0623 0x10b4 adp94xx - ok
02:29:08.0654 0x10b4 [ 597F78224EE9224EA1A13D6350CED962,
DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 02:29:08.0685 0x10b4 adpahci - ok 02:29:08.0701 0x10b4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 02:29:08.0732 0x10b4 adpu320 - ok 02:29:08.0763 0x10b4 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 02:29:08.0935 0x10b4 AeLookupSvc - ok 02:29:09.0013 0x10b4 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys 02:29:09.0075 0x10b4 AFD - ok 02:29:09.0122 0x10b4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 02:29:09.0138 0x10b4 agp440 - ok 02:29:09.0169 0x10b4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 02:29:09.0247 0x10b4 ALG - ok 02:29:09.0309 0x10b4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 02:29:09.0325 0x10b4 aliide - ok 02:29:09.0372 0x10b4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 02:29:09.0387 0x10b4 amdide - ok 02:29:09.0419 0x10b4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 02:29:09.0481 0x10b4 AmdK8 - ok 02:29:09.0512 0x10b4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 02:29:09.0621 0x10b4 AmdPPM - ok 02:29:09.0668 0x10b4 [ 
D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 02:29:09.0684 0x10b4 amdsata - ok 02:29:09.0731 0x10b4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 02:29:09.0762 0x10b4 amdsbs - ok 02:29:09.0762 0x10b4 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 02:29:09.0793 0x10b4 amdxata - ok 02:29:09.0887 0x10b4 [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 02:29:09.0918 0x10b4 AntiVirSchedulerService - ok 02:29:09.0965 0x10b4 [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 02:29:09.0980 0x10b4 AntiVirService - ok 02:29:10.0043 0x10b4 [ 8275A6F8857CB98F72CBAF75770E9E10, B945A8937E95269A84C4B0EA0E202EE564B457E32DE239DCCDF9F14D9CC204C7 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE 02:29:10.0074 0x10b4 AntiVirWebService - ok 02:29:10.0121 0x10b4 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys 02:29:10.0292 0x10b4 AppID - ok 02:29:10.0323 0x10b4 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll 02:29:10.0386 0x10b4 AppIDSvc - ok 02:29:10.0448 0x10b4 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 02:29:10.0511 0x10b4 Appinfo - ok 02:29:10.0604 0x10b4 [ C484F8CEB1717C540242531DB7845C4E, 
C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys 02:29:10.0620 0x10b4 arc - ok 02:29:10.0635 0x10b4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 02:29:10.0651 0x10b4 arcsas - ok 02:29:10.0776 0x10b4 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 02:29:10.0838 0x10b4 aspnet_state - ok 02:29:10.0854 0x10b4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 02:29:10.0901 0x10b4 AsyncMac - ok 02:29:10.0963 0x10b4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 02:29:10.0994 0x10b4 atapi - ok 02:29:11.0057 0x10b4 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 02:29:11.0150 0x10b4 AudioEndpointBuilder - ok 02:29:11.0166 0x10b4 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll 02:29:11.0228 0x10b4 AudioSrv - ok 02:29:11.0259 0x10b4 [ 4663C5AD76FE8E19592DE808156FA07D, 605827B4A9D6930BC752D124BF75D55D4927B0ABEF881CDE66F3C5CC1DB215FE ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 02:29:11.0291 0x10b4 avgntflt - ok 02:29:11.0337 0x10b4 [ 8902AEC2382A37E9E99A4E0D52DBD42B, 138F2D7E7430132B2C527D413BC845CC467F084F39C232EC3A17DD2A74EE401E ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 02:29:11.0384 0x10b4 avipbb - ok 02:29:11.0447 0x10b4 [ A59D07E02A75EDC8FA141470C5EC96C3, A20416444B3C15F85651383F8D40F4F93400B1B78A60174A2AD3A6308836ED93 ] Avira.OE.ServiceHost C:\Program Files 
(x86)\Avira\My Avira\Avira.OE.ServiceHost.exe 02:29:11.0462 0x10b4 Avira.OE.ServiceHost - ok 02:29:11.0509 0x10b4 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 02:29:11.0540 0x10b4 avkmgr - ok 02:29:11.0587 0x10b4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 02:29:11.0727 0x10b4 AxInstSV - ok 02:29:11.0790 0x10b4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 02:29:11.0852 0x10b4 b06bdrv - ok 02:29:11.0883 0x10b4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 02:29:11.0930 0x10b4 b57nd60a - ok 02:29:12.0133 0x10b4 [ 2D659B569A76CDB83B815675A80D7096, 8246BD350017B6CBADA4BBDBAB8B708B0A8F1AD5ADD4B2DE1BA610B4A188C262 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys 02:29:12.0242 0x10b4 BCM43XX - ok 02:29:12.0305 0x10b4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 02:29:12.0367 0x10b4 BDESVC - ok 02:29:12.0398 0x10b4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 02:29:12.0476 0x10b4 Beep - ok 02:29:12.0601 0x10b4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 02:29:12.0679 0x10b4 BFE - ok 02:29:12.0741 0x10b4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll 02:29:12.0819 0x10b4 BITS - ok 02:29:12.0851 0x10b4 [ 61583EE3C3A17003C4ACD0475646B4D3, 
17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 02:29:12.0882 0x10b4 blbdrive - ok 02:29:12.0913 0x10b4 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 02:29:12.0944 0x10b4 bowser - ok 02:29:12.0975 0x10b4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 02:29:13.0053 0x10b4 BrFiltLo - ok 02:29:13.0085 0x10b4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 02:29:13.0131 0x10b4 BrFiltUp - ok 02:29:13.0209 0x10b4 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 02:29:13.0287 0x10b4 BridgeMP - ok 02:29:13.0334 0x10b4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 02:29:13.0381 0x10b4 Browser - ok 02:29:13.0397 0x10b4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 02:29:13.0443 0x10b4 Brserid - ok 02:29:13.0459 0x10b4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 02:29:13.0490 0x10b4 BrSerWdm - ok 02:29:13.0506 0x10b4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 02:29:13.0568 0x10b4 BrUsbMdm - ok 02:29:13.0599 0x10b4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 02:29:13.0646 0x10b4 
BrUsbSer - ok 02:29:13.0677 0x10b4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 02:29:13.0709 0x10b4 BTHMODEM - ok 02:29:13.0755 0x10b4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 02:29:13.0833 0x10b4 bthserv - ok 02:29:13.0865 0x10b4 catchme - ok 02:29:13.0896 0x10b4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 02:29:13.0989 0x10b4 cdfs - ok 02:29:14.0036 0x10b4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 02:29:14.0083 0x10b4 cdrom - ok 02:29:14.0145 0x10b4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 02:29:14.0208 0x10b4 CertPropSvc - ok 02:29:14.0239 0x10b4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 02:29:14.0301 0x10b4 circlass - ok 02:29:14.0333 0x10b4 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 02:29:14.0364 0x10b4 CLFS - ok 02:29:14.0426 0x10b4 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 02:29:14.0473 0x10b4 clr_optimization_v2.0.50727_32 - ok 02:29:14.0520 0x10b4 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 02:29:14.0551 0x10b4 clr_optimization_v2.0.50727_64 - 
ok 02:29:14.0629 0x10b4 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 02:29:14.0754 0x10b4 clr_optimization_v4.0.30319_32 - ok 02:29:14.0769 0x10b4 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 02:29:14.0816 0x10b4 clr_optimization_v4.0.30319_64 - ok 02:29:14.0847 0x10b4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 02:29:14.0879 0x10b4 CmBatt - ok 02:29:14.0910 0x10b4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 02:29:14.0925 0x10b4 cmdide - ok 02:29:14.0988 0x10b4 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys 02:29:15.0050 0x10b4 CNG - ok 02:29:15.0097 0x10b4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 02:29:15.0113 0x10b4 Compbatt - ok 02:29:15.0159 0x10b4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 02:29:15.0222 0x10b4 CompositeBus - ok 02:29:15.0237 0x10b4 COMSysApp - ok 02:29:15.0253 0x10b4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 02:29:15.0269 0x10b4 crcdisk - ok 02:29:15.0331 0x10b4 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll 02:29:15.0393 
0x10b4 CryptSvc - ok 02:29:15.0440 0x10b4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 02:29:15.0503 0x10b4 DcomLaunch - ok 02:29:15.0549 0x10b4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 02:29:15.0627 0x10b4 defragsvc - ok 02:29:15.0674 0x10b4 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 02:29:15.0737 0x10b4 DfsC - ok 02:29:15.0799 0x10b4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 02:29:15.0861 0x10b4 Dhcp - ok 02:29:15.0893 0x10b4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 02:29:15.0955 0x10b4 discache - ok 02:29:15.0971 0x10b4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys 02:29:15.0986 0x10b4 Disk - ok 02:29:16.0033 0x10b4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 02:29:16.0095 0x10b4 Dnscache - ok 02:29:16.0158 0x10b4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 02:29:16.0251 0x10b4 dot3svc - ok 02:29:16.0329 0x10b4 [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys 02:29:16.0392 0x10b4 Dot4 - ok 02:29:16.0423 0x10b4 [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys 
02:29:16.0439 0x10b4 Dot4Print - ok 02:29:16.0454 0x10b4 [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys 02:29:16.0501 0x10b4 dot4usb - ok 02:29:16.0548 0x10b4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 02:29:16.0595 0x10b4 DPS - ok 02:29:16.0641 0x10b4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 02:29:16.0688 0x10b4 drmkaud - ok 02:29:16.0751 0x10b4 [ 1FCA854CEDFC2CCD0C22E46EA4EA18F1, 3508547FCE3B6ACA34511BB2C50A375E3894EBFAC656B9D1C82EA8439EFD8846 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe 02:29:16.0782 0x10b4 DsiWMIService - ok 02:29:16.0829 0x10b4 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 02:29:16.0875 0x10b4 DXGKrnl - ok 02:29:16.0922 0x10b4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 02:29:17.0000 0x10b4 EapHost - ok 02:29:17.0078 0x10b4 [ 2EA8CCC4AF7D9223DD397D8CCB636F5D, DCC2D68DC50703C34021583884901C93179226E57FE91CD75F77CE6C69099B30 ] EASEUS Agent C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\Agent.exe 02:29:17.0125 0x10b4 EASEUS Agent - detected UnsignedFile.Multi.Generic ( 1 ) 02:29:17.0219 0x10b4 EASEUS Agent ( UnsignedFile.Multi.Generic ) - warning 02:29:17.0359 0x10b4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 02:29:17.0562 0x10b4 ebdrv - ok 02:29:17.0609 0x10b4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe 02:29:17.0671 0x10b4 EFS - 
ok 02:29:17.0780 0x10b4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 02:29:17.0843 0x10b4 ehRecvr - ok 02:29:17.0874 0x10b4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 02:29:17.0936 0x10b4 ehSched - ok 02:29:17.0967 0x10b4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 02:29:17.0999 0x10b4 elxstor - ok 02:29:18.0045 0x10b4 [ 9EAFB3B3B60B8AD958985152A9309ACA, EC58F487D50A125DA3F747670282EA2104580CCAAF709EA494B61C7549576AE6 ] epmntdrv C:\Windows\system32\epmntdrv.sys 02:29:18.0061 0x10b4 epmntdrv - detected UnsignedFile.Multi.Generic ( 1 ) 02:29:18.0061 0x10b4 epmntdrv ( UnsignedFile.Multi.Generic ) - warning 02:29:18.0186 0x10b4 [ 3EA2C4F68A782839D97B3C83595575B6, D4C3BFD0B6817B73BE9F2378FA946BD1C213A4FB9EB3F7D2C79E9B6D9F895106 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe 02:29:18.0217 0x10b4 ePowerSvc - ok 02:29:18.0248 0x10b4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 02:29:18.0295 0x10b4 ErrDev - ok 02:29:18.0326 0x10b4 [ 74A88F4B1F22F394E27792A0195505D1, 497E3281A29F5F3E1DB4B186E5EF73AE68DDC62CDF0B516DABF113D41AE68E19 ] EUBAKUP C:\Windows\system32\drivers\eubakup.sys 02:29:18.0357 0x10b4 EUBAKUP - detected UnsignedFile.Multi.Generic ( 1 ) 02:29:18.0357 0x10b4 EUBAKUP ( UnsignedFile.Multi.Generic ) - warning 02:29:18.0373 0x10b4 [ A25BED567EA531F27CC87FD5B331BB02, 5C6ED7F09F4FE208B10C0674A1915C23B53642E952ED4A59ABBA1436F1795395 ] EuDisk C:\Windows\system32\DRIVERS\EuDisk.sys 02:29:18.0420 0x10b4 EuDisk - detected UnsignedFile.Multi.Generic ( 1 ) 02:29:18.0420 0x10b4 EuDisk ( UnsignedFile.Multi.Generic ) - warning 02:29:18.0451 0x10b4 [ 
5A720EACFE8DB9D8D28C691C09269A58, 0EFF1E37808AF410C64DED1A353109F44E3B207F286D284B1D6B36C511DBCAAE ] EUDSKACS C:\Windows\system32\drivers\eudskacs.sys 02:29:18.0482 0x10b4 EUDSKACS - detected UnsignedFile.Multi.Generic ( 1 ) 02:29:18.0482 0x10b4 EUDSKACS ( UnsignedFile.Multi.Generic ) - warning 02:29:18.0498 0x10b4 [ 84F2D1D52BB527A8477B2DB2C220DD0D, EB2C909C3ED62EF20DAE3972D2896055840B0FAB7379F90B069EB20CB224F5AF ] EUFS C:\Windows\system32\drivers\eufs.sys 02:29:18.0576 0x10b4 EUFS - detected UnsignedFile.Multi.Generic ( 1 ) 02:29:18.0576 0x10b4 EUFS ( UnsignedFile.Multi.Generic ) - warning 02:29:18.0607 0x10b4 [ FB949ED2C93C878A189039F3D7730942, 857AFB9965F14C80C21948C05A44D37948BD206961101DFF087735D6A7CCAA8A ] EuGdiDrv C:\Windows\system32\EuGdiDrv.sys 02:29:18.0654 0x10b4 EuGdiDrv - detected UnsignedFile.Multi.Generic ( 1 ) 02:29:18.0654 0x10b4 EuGdiDrv ( UnsignedFile.Multi.Generic ) - warning 02:29:18.0716 0x10b4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 02:29:18.0779 0x10b4 EventSystem - ok 02:29:18.0794 0x10b4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 02:29:18.0857 0x10b4 exfat - ok 02:29:18.0888 0x10b4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 02:29:18.0950 0x10b4 fastfat - ok 02:29:19.0028 0x10b4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 02:29:19.0106 0x10b4 Fax - ok 02:29:19.0122 0x10b4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 02:29:19.0169 0x10b4 fdc - ok 02:29:19.0200 0x10b4 [ 0438CAB2E03F4FB61455A7956026FE86, 
6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 02:29:19.0278 0x10b4 fdPHost - ok 02:29:19.0293 0x10b4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 02:29:19.0340 0x10b4 FDResPub - ok 02:29:19.0371 0x10b4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 02:29:19.0403 0x10b4 FileInfo - ok 02:29:19.0418 0x10b4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 02:29:19.0512 0x10b4 Filetrace - ok 02:29:19.0590 0x10b4 [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 02:29:19.0637 0x10b4 FLEXnet Licensing Service - ok 02:29:19.0668 0x10b4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 02:29:19.0699 0x10b4 flpydisk - ok 02:29:19.0746 0x10b4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 02:29:19.0777 0x10b4 FltMgr - ok 02:29:19.0855 0x10b4 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 02:29:19.0933 0x10b4 FontCache - ok 02:29:19.0995 0x10b4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 02:29:20.0027 0x10b4 FontCache3.0.0.0 - ok 02:29:20.0058 0x10b4 [ D43703496149971890703B4B1B723EAC, 
F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 02:29:20.0073 0x10b4 FsDepends - ok 02:29:20.0120 0x10b4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 02:29:20.0151 0x10b4 Fs_Rec - ok 02:29:20.0183 0x10b4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 02:29:20.0214 0x10b4 fvevol - ok 02:29:20.0229 0x10b4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 02:29:20.0245 0x10b4 gagp30kx - ok 02:29:20.0307 0x10b4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 02:29:20.0385 0x10b4 gpsvc - ok 02:29:20.0448 0x10b4 [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe 02:29:20.0463 0x10b4 GREGService - ok 02:29:20.0479 0x10b4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 02:29:20.0541 0x10b4 hcw85cir - ok 02:29:20.0604 0x10b4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 02:29:20.0666 0x10b4 HdAudAddService - ok 02:29:20.0682 0x10b4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 02:29:20.0713 0x10b4 HDAudBus - ok 02:29:20.0760 0x10b4 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 
C:\Windows\system32\DRIVERS\HECIx64.sys 02:29:20.0791 0x10b4 HECIx64 - ok 02:29:20.0822 0x10b4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 02:29:20.0853 0x10b4 HidBatt - ok 02:29:20.0885 0x10b4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 02:29:20.0931 0x10b4 HidBth - ok 02:29:20.0947 0x10b4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 02:29:20.0994 0x10b4 HidIr - ok 02:29:21.0009 0x10b4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll 02:29:21.0087 0x10b4 hidserv - ok 02:29:21.0134 0x10b4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 02:29:21.0181 0x10b4 HidUsb - ok 02:29:21.0228 0x10b4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 02:29:21.0290 0x10b4 hkmsvc - ok 02:29:21.0337 0x10b4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 02:29:21.0446 0x10b4 HomeGroupListener - ok 02:29:21.0493 0x10b4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 02:29:21.0524 0x10b4 HomeGroupProvider - ok 02:29:21.0555 0x10b4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 02:29:21.0571 0x10b4 HpSAMD - ok 02:29:21.0633 0x10b4 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 
21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 02:29:21.0711 0x10b4 HTTP - ok 02:29:21.0743 0x10b4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 02:29:21.0774 0x10b4 hwpolicy - ok 02:29:21.0821 0x10b4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 02:29:21.0852 0x10b4 i8042prt - ok 02:29:21.0899 0x10b4 [ 1384872112E8E7FD5786ECEB8BDDF4C9, DC7844691740805A94F2901F8CB56F1591AF4F0F9C6D92D6B8595F89E6FA5F02 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 02:29:21.0930 0x10b4 iaStor - ok 02:29:21.0992 0x10b4 [ 6B24D1C3096DE796D15571079EA5E98C, 89566A7BDEDA7A663110F72B6301998651937E1E3E541EAB054169CEC8C7353F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 02:29:22.0008 0x10b4 IAStorDataMgrSvc - ok 02:29:22.0070 0x10b4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 02:29:22.0117 0x10b4 iaStorV - ok 02:29:22.0211 0x10b4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 02:29:22.0273 0x10b4 idsvc - ok 02:29:22.0304 0x10b4 IEEtwCollectorService - ok 02:29:22.0335 0x10b4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 02:29:22.0351 0x10b4 iirsp - ok 02:29:22.0398 0x10b4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 02:29:22.0445 0x10b4 IKEEXT - ok 02:29:22.0585 0x10b4 [ 235362D403D9D677514649D88DB31914, 
DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 02:29:40.0229 0x10b4 TrkWks - ok 02:29:40.0291 0x10b4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 02:29:40.0369 0x10b4 TrustedInstaller - ok 02:29:40.0400 0x10b4 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 02:29:40.0447 0x10b4 tssecsrv - ok 02:29:40.0478 0x10b4 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 02:29:40.0556 0x10b4 TsUsbFlt - ok 02:29:40.0634 0x10b4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 02:29:40.0697 0x10b4 tunnel - ok 02:29:40.0712 0x10b4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 02:29:40.0728 0x10b4 uagp35 - ok 02:29:40.0759 0x10b4 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D, 1EA835F172B6BF3D7F496E079DF1CDF00122B2110C08D61427582BC9405D2B7B ] UBHelper C:\Windows\system32\drivers\UBHelper.sys 02:29:40.0790 0x10b4 UBHelper - ok 02:29:40.0837 0x10b4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 02:29:40.0931 0x10b4 udfs - ok 02:29:40.0962 0x10b4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 02:29:40.0978 0x10b4 UI0Detect - ok 02:29:41.0009 0x10b4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 02:29:41.0024 0x10b4 
uliagpkx - ok 02:29:41.0071 0x10b4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 02:29:41.0118 0x10b4 umbus - ok 02:29:41.0180 0x10b4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 02:29:41.0212 0x10b4 UmPass - ok 02:29:41.0352 0x10b4 [ 7466809E6DA561D60C2F1CE8EDE3C73F, A3185049282A51B17C3DA839AF7E90F1CD395B2FB5587514EB2D65CB22854E2C ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 02:29:41.0430 0x10b4 UNS - ok 02:29:41.0492 0x10b4 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2, 58DAD5111C598F14CB199FE6A61FA5918F29513B778A8664FD05EFAB3C665D4F ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe 02:29:41.0508 0x10b4 Updater Service - ok 02:29:41.0539 0x10b4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 02:29:41.0617 0x10b4 upnphost - ok 02:29:41.0648 0x10b4 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 02:29:41.0680 0x10b4 usbccgp - ok 02:29:41.0726 0x10b4 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 02:29:41.0804 0x10b4 usbcir - ok 02:29:41.0836 0x10b4 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 02:29:41.0898 0x10b4 usbehci - ok 02:29:41.0929 0x10b4 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 02:29:41.0992 0x10b4 usbhub - ok 02:29:42.0038 0x10b4 [ 765A92D428A8DB88B960DA5A8D6089DC, 
56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys 02:29:42.0054 0x10b4 usbohci - ok 02:29:42.0085 0x10b4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 02:29:42.0116 0x10b4 usbprint - ok 02:29:42.0179 0x10b4 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\drivers\usbscan.sys 02:29:42.0226 0x10b4 usbscan - ok 02:29:42.0257 0x10b4 [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser C:\Windows\system32\drivers\usbser.sys 02:29:42.0304 0x10b4 usbser - ok 02:29:42.0335 0x10b4 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 02:29:42.0382 0x10b4 USBSTOR - ok 02:29:42.0397 0x10b4 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 02:29:42.0428 0x10b4 usbuhci - ok 02:29:42.0475 0x10b4 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 02:29:42.0538 0x10b4 usbvideo - ok 02:29:42.0569 0x10b4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 02:29:42.0678 0x10b4 UxSms - ok 02:29:42.0694 0x10b4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe 02:29:42.0709 0x10b4 VaultSvc - ok 02:29:42.0756 0x10b4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 02:29:42.0787 0x10b4 vdrvroot - ok 
02:29:42.0850 0x10b4 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 02:29:42.0912 0x10b4 vds - ok 02:29:42.0943 0x10b4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 02:29:42.0974 0x10b4 vga - ok 02:29:42.0990 0x10b4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 02:29:43.0037 0x10b4 VgaSave - ok 02:29:43.0068 0x10b4 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 02:29:43.0099 0x10b4 vhdmp - ok 02:29:43.0130 0x10b4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 02:29:43.0146 0x10b4 viaide - ok 02:29:43.0162 0x10b4 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 02:29:43.0177 0x10b4 volmgr - ok 02:29:43.0224 0x10b4 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 02:29:43.0271 0x10b4 volmgrx - ok 02:29:43.0302 0x10b4 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 02:29:43.0333 0x10b4 volsnap - ok 02:29:43.0349 0x10b4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 02:29:43.0380 0x10b4 vsmraid - ok 02:29:43.0474 0x10b4 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 02:29:43.0598 0x10b4 VSS - ok 
02:29:43.0614 0x10b4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 02:29:43.0645 0x10b4 vwifibus - ok 02:29:43.0676 0x10b4 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 02:29:43.0723 0x10b4 vwififlt - ok 02:29:43.0739 0x10b4 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 02:29:43.0754 0x10b4 vwifimp - ok 02:29:43.0817 0x10b4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 02:29:43.0926 0x10b4 W32Time - ok 02:29:43.0942 0x10b4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 02:29:43.0973 0x10b4 WacomPen - ok 02:29:44.0020 0x10b4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 02:29:44.0098 0x10b4 WANARP - ok 02:29:44.0098 0x10b4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 02:29:44.0144 0x10b4 Wanarpv6 - ok 02:29:44.0238 0x10b4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 02:29:44.0347 0x10b4 wbengine - ok 02:29:44.0378 0x10b4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 02:29:44.0425 0x10b4 WbioSrvc - ok 02:29:44.0456 0x10b4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc 
C:\Windows\System32\wcncsvc.dll 02:29:44.0519 0x10b4 wcncsvc - ok 02:29:44.0534 0x10b4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 02:29:44.0597 0x10b4 WcsPlugInService - ok 02:29:44.0628 0x10b4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 02:29:44.0659 0x10b4 Wd - ok 02:29:44.0722 0x10b4 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 02:29:44.0768 0x10b4 Wdf01000 - ok 02:29:44.0784 0x10b4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 02:29:44.0878 0x10b4 WdiServiceHost - ok 02:29:44.0878 0x10b4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 02:29:44.0909 0x10b4 WdiSystemHost - ok 02:29:44.0956 0x10b4 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 02:29:44.0987 0x10b4 WebClient - ok 02:29:45.0018 0x10b4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 02:29:45.0127 0x10b4 Wecsvc - ok 02:29:45.0127 0x10b4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 02:29:45.0190 0x10b4 wercplsupport - ok 02:29:45.0236 0x10b4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 02:29:45.0330 0x10b4 WerSvc - ok 02:29:45.0361 0x10b4 [ 611B23304BF067451A9FDEE01FBDD725, 
0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 02:29:45.0392 0x10b4 WfpLwf - ok 02:29:45.0408 0x10b4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 02:29:45.0424 0x10b4 WIMMount - ok 02:29:45.0455 0x10b4 WinDefend - ok 02:29:45.0470 0x10b4 WinHttpAutoProxySvc - ok 02:29:45.0533 0x10b4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 02:29:45.0611 0x10b4 Winmgmt - ok 02:29:45.0704 0x10b4 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 02:29:45.0829 0x10b4 WinRM - ok 02:29:45.0892 0x10b4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 02:29:45.0938 0x10b4 WinUsb - ok 02:29:45.0985 0x10b4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 02:29:46.0032 0x10b4 Wlansvc - ok 02:29:46.0188 0x10b4 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 02:29:46.0250 0x10b4 wlidsvc - ok 02:29:46.0360 0x10b4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 02:29:46.0391 0x10b4 WmiAcpi - ok 02:29:46.0438 0x10b4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 02:29:46.0484 0x10b4 wmiApSrv - ok 02:29:46.0516 0x10b4 WMPNetworkSvc - ok 02:29:46.0531 0x10b4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 
2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 02:29:46.0609 0x10b4 WPCSvc - ok 02:29:46.0640 0x10b4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 02:29:46.0656 0x10b4 WPDBusEnum - ok 02:29:46.0687 0x10b4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 02:29:46.0750 0x10b4 ws2ifsl - ok 02:29:46.0781 0x10b4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll 02:29:46.0812 0x10b4 wscsvc - ok 02:29:46.0812 0x10b4 WSearch - ok 02:29:46.0984 0x10b4 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 02:29:47.0062 0x10b4 wuauserv - ok 02:29:47.0093 0x10b4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 02:29:47.0186 0x10b4 WudfPf - ok 02:29:47.0233 0x10b4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 02:29:47.0296 0x10b4 WUDFRd - ok 02:29:47.0342 0x10b4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 02:29:47.0405 0x10b4 wudfsvc - ok 02:29:47.0483 0x10b4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 02:29:47.0592 0x10b4 WwanSvc - ok 02:29:47.0701 0x10b4 [ BCD008C9FC4B57C107CBCFC3E77B58BA, 3FB91B79A1D8B60859D9FB96F7207E678836183F0D2193FF6F44CD6F12D99F06 ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys 02:29:47.0764 0x10b4 ZTEusbmdm6k - ok 
02:29:47.0857 0x10b4 [ 9E74E0D096F8023A68A262A012153182, 133EE39960D9F9E7A24566B5784E8E247ABC0F127CAC7AFA1CF5A4E2C9CC7A9F ] ZTEusbnet C:\Windows\system32\DRIVERS\ZTEusbnet.sys
02:29:47.0951 0x10b4 ZTEusbnet - ok
02:29:48.0044 0x10b4 [ BCD008C9FC4B57C107CBCFC3E77B58BA, 3FB91B79A1D8B60859D9FB96F7207E678836183F0D2193FF6F44CD6F12D99F06 ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
02:29:48.0091 0x10b4 ZTEusbnmea - ok
02:29:48.0138 0x10b4 [ BCD008C9FC4B57C107CBCFC3E77B58BA, 3FB91B79A1D8B60859D9FB96F7207E678836183F0D2193FF6F44CD6F12D99F06 ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
02:29:48.0185 0x10b4 ZTEusbser6k - ok
02:29:48.0294 0x10b4 [ BCD008C9FC4B57C107CBCFC3E77B58BA, 3FB91B79A1D8B60859D9FB96F7207E678836183F0D2193FF6F44CD6F12D99F06 ] ZTEusbvoice C:\Windows\system32\DRIVERS\ZTEusbvoice.sys
02:29:48.0341 0x10b4 ZTEusbvoice - ok
02:29:48.0403 0x10b4 ================ Scan global ===============================
02:29:48.0466 0x10b4 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
02:29:48.0590 0x10b4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
02:29:48.0668 0x10b4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
02:29:48.0731 0x10b4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
02:29:48.0856 0x10b4 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
02:29:48.0871 0x10b4 [ Global ] - ok
02:29:48.0871 0x10b4 ================ Scan MBR ==================================
02:29:48.0902 0x10b4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
02:29:54.0534 0x10b4 \Device\Harddisk0\DR0 - ok
02:29:54.0534 0x10b4 ================ Scan VBR ==================================
02:29:54.0550 0x10b4 [ D40AFB99130A55B31620D97BD6B87A93 ] \Device\Harddisk0\DR0\Partition1
02:29:54.0565 0x10b4 \Device\Harddisk0\DR0\Partition1 - ok
02:29:54.0565 0x10b4 [ 303F3BE33FE5AB1188E7148F6BF9979A ] \Device\Harddisk0\DR0\Partition2
02:29:54.0612 0x10b4 \Device\Harddisk0\DR0\Partition2 - ok
02:29:54.0612 0x10b4 [ A44ABAD31CCA4A849EB1FEB45814184C ] \Device\Harddisk0\DR0\Partition3
02:29:54.0643 0x10b4 \Device\Harddisk0\DR0\Partition3 - ok
02:29:54.0659 0x10b4 [ A802F1F5B2E2D4B609B01522F36D6004 ] \Device\Harddisk0\DR0\Partition4
02:29:54.0690 0x10b4 \Device\Harddisk0\DR0\Partition4 - ok
02:29:54.0690 0x10b4 ================ Scan generic autorun ======================
02:29:54.0721 0x10b4 mwlDaemon - ok
02:29:55.0111 0x10b4 [ 8CB8E0C93C5459B45BE1FA628FB0D761, F06830359F11515BA1CA5EC061F5B254E5A4676FBEC8AFAC23B56BB413B7E63F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
02:29:55.0392 0x10b4 RtHDVCpl - ok
02:29:55.0392 0x10b4 SynTPEnh - ok
02:29:55.0486 0x10b4 [ 147B96A5AEA8CEF3A34D8E378EAAA9B2, AC60E8184AC0DF277C26617AAD06F13A315B459AE47D9093161FB3DD652195B1 ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
02:29:55.0532 0x10b4 Acer ePower Management - ok
02:29:55.0610 0x10b4 [ 9ECF375A6E4E74D056F4B54E76D58721, 29C89504C369CC40BC6BEDE965F52736CB01FA70644059392C912FFB35C4ED0A ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
02:29:55.0642 0x10b4 IAStorIcon - ok
02:29:55.0673 0x10b4 [ 94F80155B91B8DF7A0EAD527C853D377, 3E35B686DB526592F2ABF4B3E6EAACE1E784A5552C1CE074E85661388E66C153 ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
02:29:55.0688 0x10b4 BackupManagerTray - ok
02:29:55.0766 0x10b4 [ 5A5BF95C7410E96E04C57B06232E9965, 942CBC854CC7A729AAADE2C4E96CA20EF488701F4FA200D0FC8CEF3D35E90EF1 ] C:\Program Files (x86)\Launch Manager\LManager.exe
02:29:55.0798 0x10b4 LManager - ok
02:29:55.0891 0x10b4 [ A62C1C03713584382E5C8860D650F2C9, 456F34F09086809F8BA63C65EB3A99D91DD59CEADCDA478371E83A2C18F9E9C0 ] C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\EuWatch.exe
02:29:55.0907 0x10b4 EaseUs Watch - detected UnsignedFile.Multi.Generic ( 1 )
02:29:55.0907 0x10b4 EaseUs Watch ( UnsignedFile.Multi.Generic ) - warning
02:29:55.0907 0x10b4 Force sending object to P2P due to detect: C:\Program Files (x86)\EASEUS\Todo Backup 2.0\bin\EuWatch.exe
02:29:55.0907 0x10b4 Object send P2P result: false
02:29:55.0985 0x10b4 [ 574B0C1A95D1EA0FBA1CA700CE83E7B9, 9E6568706BD66F700C24618E208B95B0015AA26872B4337C96A83415676A031F ] C:\Program Files (x86)\Common Files\Logitech\QCDriver3\LVCOMS.EXE
02:29:56.0016 0x10b4 LVCOMS - detected UnsignedFile.Multi.Generic ( 1 )
02:29:56.0016 0x10b4 LVCOMS ( UnsignedFile.Multi.Generic ) - warning
02:29:56.0016 0x10b4 Force sending object to P2P due to detect: C:\Program Files (x86)\Common Files\Logitech\QCDriver3\LVCOMS.EXE
02:29:56.0016 0x10b4 Object send P2P result: false
02:29:56.0063 0x10b4 [ 12E54BDE520DC85A611D7245DF44BCE5, 8F90F71AC97CE47D6A4F3491A48E3F857E8DEFD51E2DFDD528666AFC592E3B4E ] C:\Program Files (x86)\FreePDF_XP\fpassist.exe
02:29:56.0094 0x10b4 FreePDF Assistant - detected UnsignedFile.Multi.Generic ( 1 )
02:29:56.0094 0x10b4 FreePDF Assistant ( UnsignedFile.Multi.Generic ) - warning
02:29:56.0188 0x10b4 [ B63E5C7807334A3A8F731062F15462CC, F4E501F749C10C44E8F501A34D8DD309892968BE70DA17734267BBCDDC351444 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
02:29:56.0234 0x10b4 Adobe ARM - ok
02:29:56.0297 0x10b4 [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
02:29:56.0328 0x10b4 avgnt - ok
02:29:56.0359 0x10b4 [ 51DAD159BD771681B67593B9B8289A45, 40A7277819C2D7BCA10D22DC2F443F986DF04E777D3A4A0C89CC0991B020607C ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
02:29:56.0375 0x10b4 Avira Systray - ok
02:29:56.0422 0x10b4 [ BE3F6956EF8FEF4AAD1F67334C406839, 606A5A6309259D89AFA9E17EA248EE63F044E371EB038812FC7CF40F1E03BCA4 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
02:29:56.0453 0x10b4 SunJavaUpdateSched - ok
02:29:56.0515 0x10b4 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x41000 ( enabled : updated )
02:29:56.0640 0x10b4 Win FW state via NFP2: enabled
02:29:56.0640 0x10b4 ============================================================
02:29:56.0640 0x10b4 Scan finished
02:29:56.0640 0x10b4 ============================================================
02:29:56.0656 0x10ac Detected object count: 12
02:29:56.0656 0x10ac Actual detected object count: 12
02:30:16.0312 0x10ac EASEUS Agent ( UnsignedFile.Multi.Generic ) - skipped by user
02:30:16.0312 0x10ac EASEUS Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:30:16.0312 0x10ac epmntdrv ( UnsignedFile.Multi.Generic ) - skipped by user
02:30:16.0312 0x10ac epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:30:16.0312 0x10ac EUBAKUP ( UnsignedFile.Multi.Generic ) - skipped by user
02:30:16.0312 0x10ac EUBAKUP ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:30:16.0312 0x10ac EuDisk ( UnsignedFile.Multi.Generic ) - skipped by user
02:30:16.0312 0x10ac EuDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:30:16.0312 0x10ac EUDSKACS ( UnsignedFile.Multi.Generic ) - skipped by user
02:30:16.0312 0x10ac EUDSKACS ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:30:16.0312 0x10ac EUFS ( UnsignedFile.Multi.Generic ) - skipped by user
02:30:16.0312 0x10ac EUFS ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:30:16.0312 0x10ac EuGdiDrv ( UnsignedFile.Multi.Generic ) - skipped by user
02:30:16.0312 0x10ac EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:30:16.0312 0x10ac Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
02:30:16.0312 0x10ac Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:30:16.0312 0x10ac Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
02:30:16.0312 0x10ac Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:30:16.0312 0x10ac EaseUs Watch ( UnsignedFile.Multi.Generic ) - skipped by user
02:30:16.0312 0x10ac EaseUs Watch ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:30:16.0312 0x10ac LVCOMS ( UnsignedFile.Multi.Generic ) - skipped by user
02:30:16.0312 0x10ac LVCOMS ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:30:16.0312 0x10ac FreePDF Assistant ( UnsignedFile.Multi.Generic ) - skipped by user
02:30:16.0312 0x10ac FreePDF Assistant ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:30:20.0399 0x0d2c Deinitialize success |
28.08.2014, 12:55 | #15 |
/// the machine /// TB trainer | Win7: After a careless click on "updateflashplayer.***.exe", iexplore.exe launches by itself
Then please post one more fresh FRST log now.
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
No help via PM! |