|
Log analysis and evaluation: adfoc.us opens unwanted websites | Windows 7 | If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
08.12.2014, 08:42 | #1 |
| adfoc.us opens unwanted websites Asking for help: for a few days there has been adfoc.us activity on W8.1. It opens the adfoc.us website and others in Chrome. Reset Chrome to default this morning. Ran adwcleaner - no success. TDSS Killer log: |
08.12.2014, 08:47 | #2 |
/// the machine /// TB instructor | adfoc.us opens unwanted websites Hi,
__________________Please always post logs in the thread. If necessary, split them up and use several posts. I cannot open attachments at work, thanks. This is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
08.12.2014, 08:56 | #3 |
| here is the log, split up here is the log, split up
__________________ |
08.12.2014, 09:29 | #4 |
| log - another attempt hi Schrauber, I split the log as described and copied it between the two code tags. The preview looks good. Unfortunately the system does not accept the reply like that and insists on attaching it as an archive. For now I will download FRST and proceed as you suggested. Honky FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2014 02 Ran by acer (administrator) on ACER32 on 08-12-2014 15:12:58 Running from C:\Users\acer\Desktop Loaded Profiles: acer & UpdatusUser (Available profiles: acer & Acer_2 & UpdatusUser & Gast) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE (ABBYY InfoPoisk LLC) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) 
C:\Windows\SysWOW64\vmnetdhcp.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMMsg.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE () C:\Program Files (x86)\MadAppLauncher\MadAppLauncher.exe (Microsoft Corporation) C:\Windows\splwow64.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (VMware, Inc.) 
C:\Program Files (x86)\VMware\VMware Workstation\vmware.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-unity-helper.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\x64\vmware-vmx.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\x64\vmware-vmx.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vprintproxy.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Ghisler Software GmbH) C:\winkmd\TOTALCMD64.EXE (TrueCrypt Foundation) C:\Program Files\TrueCrypt\TrueCrypt.exe (Microsoft) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.5.1411.701_x86__8wekyb3d8bbwe\Solitaire.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\x64\vmware-vmx.exe (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Kaspersky Lab ZAO) C:\Users\acer\Downloads\tdsskiller.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876304 2013-01-18] (ELAN Microelectronics Corp.) 
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [10592256 2014-04-23] (Broadcom Corporation) HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-26] (CANON INC.) HKLM\...\Run: [pdfFactory Pro Dispatcher v3] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\fppdis3a.exe [754688 2009-12-15] (FinePrint Software, LLC) HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [453448 2014-08-14] () HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe" HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe" HKLM\...\Run: [Seagate Scheduler2 Service] => "C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe" HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis) HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1213848 2010-09-14] (CANON INC.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2010-09-09] (CANON INC.) HKLM-x32\...\Run: [Bonus.SSR.FR11] => C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [1364496 2013-06-28] (ABBYY Production LLC) HKLM-x32\...\Run: [DiscWizardMonitor.exe] => "C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe" HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7843744 2014-02-04] (Acronis) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310064 2014-05-28] (Samsung Electronics Co., Ltd.) 
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [112856 2014-10-29] (VMware, Inc.) Winlogon\Notify\igfxcui: igfxdev.dll [X] HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] ( (Atheros Communications)) HKU\S-1-5-21-1606645829-3171774752-743400600-1002\...\Run: [MyRouter] => C:\Program Files (x86)\MyRouter\MyRouter.exe HKU\S-1-5-21-1606645829-3171774752-743400600-1002\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe HKU\S-1-5-21-1606645829-3171774752-743400600-1012\...\Run: [MyRouter] => C:\Program Files (x86)\MyRouter\MyRouter.exe HKU\S-1-5-21-1606645829-3171774752-743400600-1012\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [184048 2013-11-01] (NVIDIA Corporation) AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-11-01] (NVIDIA Corporation) AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156256 2013-11-01] (NVIDIA Corporation) Startup: C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MadAppLauncher.lnk ShortcutTarget: MadAppLauncher.lnk -> C:\Program Files (x86)\MadAppLauncher\MadAppLauncher.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) 
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll () ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll () ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1606645829-3171774752-743400600-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/ HKU\S-1-5-21-1606645829-3171774752-743400600-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com HKU\S-1-5-21-1606645829-3171774752-743400600-1012\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com URLSearchHook: HKU\S-1-5-21-1606645829-3171774752-743400600-1002 - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File URLSearchHook: HKU\S-1-5-21-1606645829-3171774752-743400600-1012 - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File SearchScopes: HKLM-x32 -> DefaultScope value is missing. 
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKU\S-1-5-21-1606645829-3171774752-743400600-1002 -> DefaultScope {B789B92F-C3B3-4182-89AA-39DD558BB765} URL = SearchScopes: HKU\S-1-5-21-1606645829-3171774752-743400600-1002 -> {B789B92F-C3B3-4182-89AA-39DD558BB765} URL = SearchScopes: HKU\S-1-5-21-1606645829-3171774752-743400600-1012 -> DefaultScope {B789B92F-C3B3-4182-89AA-39DD558BB765} URL = SearchScopes: HKU\S-1-5-21-1606645829-3171774752-743400600-1012 -> {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^XP^xdm018^YYA^th&si=CMDP44jMtr8CFUcpjgodR3MApw&ptb=DA58E806-3D31-4BF0-B6EF-620486E2993E&psa=&ind=2014070816&st=sb&n=780c4820&searchfor={searchTerms} SearchScopes: HKU\S-1-5-21-1606645829-3171774752-743400600-1012 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKU\S-1-5-21-1606645829-3171774752-743400600-1012 -> {B789B92F-C3B3-4182-89AA-39DD558BB765} URL = BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) 
Toolbar: HKU\S-1-5-21-1606645829-3171774752-743400600-1002 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File Toolbar: HKU\S-1-5-21-1606645829-3171774752-743400600-1012 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File Tcpip\Parameters: [DhcpNameServer] 94.249.192.228 8.8.8.8 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) Chrome: ======= CHR Profile: C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-15] CHR Extension: (Google Docs) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-15] CHR Extension: (Google Drive) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-15] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-16] CHR Extension: (YouTube) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-15] CHR Extension: (Google-Suche) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-15] CHR Extension: (Google Tabellen) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-15] CHR Extension: (Google Wallet) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-15] CHR Extension: (Google Mail) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-15] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [821048 2013-06-17] (ABBYY InfoPoisk LLC) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations) R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated) S2 CLKMSVC10_96E434EB; C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\NavFilter\kmsvc.exe [241776 2013-02-04] (CyberLink) S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-17] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2013-01-18] (ELAN Microelectronics Corp.) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [324424 2014-08-14] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation) R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-15] (Acer Incorporate) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.) 
S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14407384 2014-10-29] () R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6074368 2014-04-23] (Broadcom Corporation) [File not signed] S2 SgtSch2Svc; "C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-25] (Qualcomm Atheros) S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-05] (Microsoft Corporation) R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [104912 2007-11-07] (EZB Systems, Inc.) 
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated) S3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated) S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-01-17] (Synaptics Incorporated) S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-12-08] () R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-07-20] (Acronis International GmbH) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-07-22] (Acronis International GmbH) S1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-05-19] () S1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-05-19] () S1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700296 2014-05-19] () R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.) R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-12-08 15:12 - 2014-12-08 15:13 - 00022019 _____ () C:\Users\acer\Desktop\FRST.txt 2014-12-08 15:12 - 2014-12-08 15:13 - 00000000 ____D () C:\FRST 2014-12-08 15:12 - 2014-12-08 15:11 - 02119680 _____ (Farbar) C:\Users\acer\Desktop\FRST64.exe 2014-12-08 15:11 - 2014-12-08 15:11 - 02119680 _____ (Farbar) C:\Users\acer\Downloads\FRST64.exe 2014-12-08 14:41 - 2014-12-08 14:41 - 00047419 _____ () C:\Users\acer\Desktop\tdsskiller logt.zip 2014-12-08 14:15 - 2014-12-08 14:16 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\acer\Downloads\tdsskiller.exe 2014-12-08 10:21 - 2014-12-08 10:21 - 02153472 _____ () C:\Users\acer\Downloads\AdwCleaner.exe 2014-12-08 10:21 - 2014-12-08 10:21 - 00000055 _____ () C:\AdwCleanerDebug.txt 2014-12-08 10:18 - 2014-12-08 10:18 - 00000265 _____ () C:\Users\acer\Downloads\XHitXGirl_k_1.1.3.jad 2014-11-29 07:49 - 2014-11-29 07:49 - 00000000 __SHD () C:\Users\acer\AppData\Local\EmieBrowserModeList 2014-11-28 14:51 - 2014-11-28 14:51 - 03488932 _____ () C:\Users\acer\Downloads\User Manual_Acer_1.0_A_A.zip 2014-11-25 18:12 - 2014-11-25 18:12 - 00000000 ____D () C:\Users\acer\AppData\Local\PackageStaging 2014-11-19 17:32 - 2014-11-10 06:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2014-11-19 17:32 - 2014-11-10 06:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2014-11-19 17:32 - 2014-11-10 06:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll 2014-11-19 17:32 - 2014-11-10 06:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll 2014-11-14 02:16 - 2014-11-14 02:16 - 00000000 ____D () C:\Program Files\Common Files\VMware 2014-11-14 02:16 - 2014-10-29 15:01 - 00931032 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetlib64.dll 2014-11-14 02:16 - 2014-10-29 15:01 - 00437976 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe 2014-11-14 02:16 - 2014-10-29 15:01 - 00359128 _____ (VMware, Inc.) 
C:\WINDOWS\SysWOW64\vmnetdhcp.exe 2014-11-14 02:16 - 2014-10-29 15:01 - 00064728 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmx86.sys 2014-11-14 02:16 - 2014-10-29 15:01 - 00031448 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetuserif.sys 2014-11-14 02:16 - 2014-02-27 18:40 - 00054464 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\hcmon.sys 2014-11-14 02:16 - 2014-02-27 18:40 - 00051904 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmusb.sys 2014-11-14 02:16 - 2013-10-08 18:21 - 00073296 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vsock.sys 2014-11-14 02:16 - 2013-10-08 18:21 - 00067664 _____ (VMware, Inc.) C:\WINDOWS\system32\vsocklib.dll 2014-11-14 02:16 - 2013-10-08 18:21 - 00063568 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vsocklib.dll 2014-11-14 02:15 - 2014-11-14 02:15 - 00000000 ____D () C:\Users\Public\Documents\Shared Virtual Machines 2014-11-12 18:45 - 2014-11-12 18:45 - 00002022 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk 2014-11-12 18:45 - 2014-11-12 18:45 - 00002012 _____ () C:\Users\Public\Desktop\Samsung Kies.lnk 2014-11-12 18:45 - 2014-11-12 18:45 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log 2014-11-12 18:45 - 2014-11-12 18:45 - 00000000 ____D () C:\Users\acer\Documents\samsung 2014-11-12 18:45 - 2014-11-12 18:45 - 00000000 ____D () C:\Users\acer\AppData\Roaming\Samsung 2014-11-12 18:45 - 2014-11-12 18:45 - 00000000 ____D () C:\Users\acer\AppData\Local\Samsung 2014-11-12 18:43 - 2014-11-12 18:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec 2014-11-12 18:43 - 2014-11-12 18:43 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec 2014-11-12 18:31 - 2014-04-30 19:43 - 04659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll 2014-11-12 18:31 - 2014-04-30 19:43 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) 
C:\WINDOWS\SysWOW64\secman.dll 2014-11-12 18:30 - 2014-11-12 18:43 - 00000000 ____D () C:\ProgramData\Samsung 2014-11-12 10:04 - 2014-10-10 08:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2014-11-12 10:04 - 2014-10-10 08:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2014-11-12 10:04 - 2014-10-08 14:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll 2014-11-12 10:04 - 2014-10-08 13:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2014-11-12 10:04 - 2014-10-08 13:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll 2014-11-12 10:04 - 2014-10-08 13:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2014-11-12 10:04 - 2014-10-08 13:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-11-12 10:04 - 2014-10-08 12:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2014-11-12 10:04 - 2014-09-27 14:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2014-11-12 10:04 - 2014-09-27 12:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2014-11-12 10:04 - 2014-09-27 10:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2014-11-12 10:04 - 2014-09-27 10:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2014-11-12 10:04 - 2014-09-27 10:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2014-11-12 10:04 - 2014-09-22 11:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2014-11-12 10:04 - 2014-09-22 10:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys 2014-11-12 10:04 - 2014-09-22 10:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys 2014-11-12 10:04 - 2014-09-22 09:49 - 00035320 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Drivers\WdBoot.sys 2014-11-12 10:04 - 2014-09-19 07:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2014-11-12 10:04 - 2014-09-03 05:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll 2014-11-12 10:04 - 2014-09-03 05:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll 2014-11-12 10:03 - 2014-10-31 12:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-11-12 10:03 - 2014-10-31 10:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-11-12 10:03 - 2014-10-18 16:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2014-11-12 10:03 - 2014-10-18 15:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2014-11-12 10:03 - 2014-10-18 15:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2014-11-12 10:03 - 2014-10-18 14:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll 2014-11-12 10:03 - 2014-10-18 13:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll 2014-11-12 10:03 - 2014-10-18 13:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2014-11-12 10:03 - 2014-10-18 13:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2014-11-12 10:03 - 2014-10-18 13:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2014-11-12 10:03 - 2014-10-18 13:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2014-11-12 10:03 - 2014-10-18 13:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2014-11-12 10:03 - 2014-10-18 13:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2014-11-12 10:03 - 2014-10-18 13:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2014-11-12 10:03 - 2014-10-18 13:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 
2014-11-12 10:03 - 2014-10-18 13:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-11-12 10:03 - 2014-10-18 13:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-11-12 10:03 - 2014-10-18 13:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-11-12 10:03 - 2014-10-17 14:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-12 10:03 - 2014-10-17 13:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-12 10:03 - 2014-10-13 09:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-11-12 10:03 - 2014-10-11 07:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-12 10:03 - 2014-10-11 07:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-12 10:03 - 2014-10-10 08:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-11-12 10:03 - 2014-10-08 14:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-12 10:03 - 2014-10-08 14:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-11-12 10:03 - 2014-10-08 14:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-11-12 10:03 - 2014-10-08 14:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-11-12 10:03 - 2014-10-08 14:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-12 10:03 - 2014-10-08 13:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-12 10:03 - 2014-10-08 13:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-12 10:03 - 2014-10-08 12:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-12 10:03 - 2014-10-08 12:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-12 10:02 - 2014-10-31 12:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-11-12 10:02 - 2014-10-31 12:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-11-12 10:02 - 2014-10-31 12:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-11-12 10:02 - 2014-10-31 12:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-11-12 10:02 - 2014-10-31 12:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-11-12 10:02 - 2014-10-31 12:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-11-12 10:02 - 2014-10-31 12:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-11-12 10:02 - 2014-10-31 12:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-12 10:02 - 2014-10-31 12:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-12 10:02 - 2014-10-31 12:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-12 10:02 - 2014-10-31 12:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-11-12 10:02 - 2014-10-31 12:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-11-12 10:02 - 2014-10-31 11:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-12 10:02 - 2014-10-31 11:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-12 10:02 - 2014-10-31 11:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-11-12 10:02 - 2014-10-31 11:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-11-12 10:02 - 2014-10-31 11:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-11-12 10:02 - 2014-10-31 11:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-12 10:02 - 2014-10-31 11:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-11-12 10:02 - 2014-10-31 11:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-11-12 10:02 - 2014-10-31 11:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-12 10:02 - 2014-10-31 11:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-11-12 10:02 - 2014-10-31 11:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-11-12 10:02 - 2014-10-31 11:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-12 10:02 - 2014-10-31 11:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-12 10:02 - 2014-10-31 11:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-12 10:02 - 2014-10-31 11:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-11-12 10:02 - 2014-10-31 11:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-11-12 10:02 - 2014-10-31 11:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-12 10:02 - 2014-10-31 11:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-12 10:02 - 2014-10-31 11:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-11-12 10:02 - 2014-10-31 11:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-11-12 10:02 - 2014-10-31 11:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-12 10:02 - 2014-10-31 11:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-11-12 10:02 - 2014-10-31 11:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-11-12 10:02 - 2014-10-31 11:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-11-12 10:02 - 2014-10-31 11:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-12 10:02 - 2014-10-31 11:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-12 10:02 - 2014-10-31 11:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-12 10:02 - 2014-10-31 11:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-12 10:02 - 2014-10-31 10:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-12 10:02 - 2014-10-31 10:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-12 10:02 - 2014-10-31 10:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-12 10:02 - 2014-10-31 10:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-11-12 10:02 - 2014-10-31 10:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-12 10:02 - 2014-10-31 10:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-11-12 10:02 - 2014-10-31 10:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-11-12 10:02 - 2014-10-31 10:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-12 10:02 - 2014-10-31 10:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-12 10:02 - 2014-10-31 10:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-12 10:02 - 2014-10-31 10:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-11-12 10:02 - 2014-10-31 10:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-11-12 10:02 - 2014-10-31 10:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-12 10:02 - 2014-10-31 10:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-11-12 10:02 - 2014-10-31 10:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-12 10:02 - 2014-10-31 10:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-11-12 10:02 - 2014-10-31 10:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-11-12 10:02 - 2014-10-31 10:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-12 10:02 - 2014-10-31 10:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-12 10:02 - 2014-10-31 10:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-12 10:02 - 2014-10-31 10:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-12 10:02 - 2014-10-31 10:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-11-12 10:02 - 2014-10-31 10:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2014-11-12 10:02 - 2014-10-31 10:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-12 10:02 - 2014-10-31 10:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-11-12 10:02 - 2014-10-31 10:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-11-12 10:02 - 2014-10-31 10:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2014-11-12 10:02 - 2014-10-31 10:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-12 10:02 - 2014-10-31 09:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 10:02 - 2014-10-31 09:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2014-11-12 10:02 - 2014-10-31 09:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-12 10:02 - 2014-10-31 09:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2014-11-12 10:02 - 2014-10-31 09:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-11-12 10:02 - 2014-10-31 09:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2014-11-12 10:02 - 2014-10-31 09:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-11-12 10:02 - 2014-10-31 09:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-11-12 10:02 - 2014-10-31 09:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-11-12 10:02 - 2014-10-31 09:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-11-12 10:02 - 2014-10-31 09:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-11-12 10:02 - 2014-10-31 09:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-11-12 10:02 - 2014-10-31 09:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-11-12 10:02 - 2014-10-31 09:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-11-12 10:02 - 2014-10-31 09:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-11-12 10:02 - 2014-10-31 09:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-11-12 10:02 - 2014-10-31 09:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-11-12 10:02 - 2014-10-31 09:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-11-12 10:02 - 2014-10-31 09:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2014-11-12 10:02 - 2014-10-31 09:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-11-12 10:02 - 2014-10-31 09:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-11-12 10:02 - 2014-10-31 09:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-11-12 10:01 - 2014-10-23 12:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-11-12 10:01 - 2014-10-23 12:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-11-12 10:01 - 2014-10-07 13:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-11-12 10:01 - 2014-10-07 13:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-11-12 10:01 - 2014-10-07 13:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-12 10:01 - 2014-10-07 13:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-11-12 10:01 - 2014-10-07 13:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-11-12 10:01 - 2014-10-07 10:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-11-12 10:01 - 2014-10-07 10:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-11-12 10:01 - 2014-10-07 10:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-11-12 10:01 - 2014-10-07 10:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-11-12 10:01 - 2014-10-07 08:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-12 10:01 - 2014-10-07 08:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-11-12 10:01 - 2014-09-10 13:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-11-12 10:01 - 2014-09-08 10:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-11-12 10:01 - 2014-09-08 10:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-11-12 10:01 - 2014-09-08 05:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-11-12 10:01 - 2014-09-05 05:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-11-12 10:01 - 2014-09-05 05:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-11-12 10:01 - 2014-09-04 10:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-12 10:01 - 2014-09-04 09:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-11-12 10:01 - 2014-09-04 08:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-11-12 10:01 - 2014-09-04 07:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-11-12 10:01 - 2014-08-31 07:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-11-12 10:01 - 2014-08-31 07:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-11-12 10:01 - 2014-08-31 05:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-11-12 10:01 - 2014-08-31 05:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-12 10:01 - 2014-08-31 04:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-11-12 10:01 - 2014-08-31 04:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-12 10:01 - 2014-08-31 03:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-11-12 10:01 - 2014-08-31 03:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-11-12 10:01 - 2014-08-28 09:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-11-12 10:01 - 2014-08-28 07:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-11-12 10:01 - 2014-08-28 07:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-11-12 10:01 - 2014-08-23 12:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-11-12 10:01 - 2014-08-23 12:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-11-12 10:01 - 2014-08-23 12:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-11-12 10:01 - 2014-08-23 12:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-11-12 10:01 - 2014-08-23 11:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-12 10:01 - 2014-08-02 07:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-11-12 10:01 - 2014-08-02 07:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-08 15:13 - 2014-09-15 15:58 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-08 15:02 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-12-08 14:54 - 2014-02-10 14:58 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-12-08 14:05 - 2013-10-18 14:04 - 00000000 ____D () C:\Users\acer\AppData\Roaming\VMware
2014-12-08 13:50 - 2013-11-21 10:33 - 00000000 ____D () C:\Users\acer\Documents\FinePrint-Dateien
2014-12-08 13:48 - 2013-10-18 13:21 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{64060840-E01C-4C8F-B485-FCD2F005B6D1}
2014-12-08 13:15 - 2013-07-31 17:46 - 00000000 ____D () C:\ProgramData\VMware
2014-12-08 13:08 - 2013-09-16 03:12 - 00000000 ____D () C:\DANGER keygens
2014-12-08 11:44 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-12-08 11:44 - 2013-07-31 17:26 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1606645829-3171774752-743400600-1002
2014-12-08 11:39 - 2014-10-08 14:08 - 00723456 ___SH () C:\Users\acer\Desktop\Thumbs.db
2014-12-08 11:38 - 2013-10-18 10:57 - 01850054 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-08 11:22 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-12-08 10:47 - 2013-09-30 11:14 - 01785036 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-08 10:47 - 2013-09-30 10:56 - 00768266 _____ () C:\WINDOWS\system32\perfh007.dat
2014-12-08 10:47 - 2013-09-30 10:56 - 00160576 _____ () C:\WINDOWS\system32\perfc007.dat
2014-12-08 10:42 - 2014-09-15 15:58 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-08 10:42 - 2013-10-18 14:04 - 00000000 ____D () C:\Users\acer\AppData\Local\VMware
2014-12-08 10:42 - 2013-10-18 11:57 - 00000000 ___DO () C:\Users\acer\SkyDrive
2014-12-08 10:42 - 2013-08-11 15:01 - 00016152 _____ () C:\WINDOWS\system32\Drivers\SWDUMon.sys
2014-12-08 10:42 - 2013-08-11 15:01 - 00000422 _____ () C:\WINDOWS\Tasks\SlimDrivers Startup.job
2014-12-08 10:41 - 2013-09-30 02:04 - 00221316 _____ () C:\WINDOWS\PFRO.log
2014-12-08 10:41 - 2013-08-22 21:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-08 10:41 - 2013-08-10 05:22 - 00000575 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2014-12-08 10:34 - 2013-08-22 20:25 - 21495808 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-08 10:24 - 2013-08-28 00:21 - 00000000 ____D () C:\AdwCleaner
2014-12-08 08:12 - 2013-08-10 05:36 - 00000000 ____D () C:\Users\acer\AppData\Roaming\MyPhoneExplorer
2014-12-03 20:13 - 2014-07-17 19:41 - 00003848 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1379176262
2014-12-03 20:13 - 2013-09-14 23:31 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-12-03 20:13 - 2013-09-14 23:31 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-03 16:56 - 2013-07-31 21:07 - 00000000 ____D () C:\Users\acer\AppData\Local\Packages
2014-11-28 16:28 - 2013-08-22 21:46 - 00356175 _____ () C:\WINDOWS\setupact.log
2014-11-28 01:18 - 2013-08-22 22:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-28 01:18 - 2013-08-22 22:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-11-27 13:53 - 2012-07-26 14:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-26 02:54 - 2014-02-10 14:58 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-11-21 03:51 - 2013-08-22 22:38 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-11-21 03:51 - 2013-08-22 22:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-14 23:08 - 2014-09-15 15:58 - 00004104 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-14 23:08 - 2014-09-15 15:58 - 00003868 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-14 22:12 - 2013-08-11 04:52 - 00000000 ____D () C:\temp
2014-11-14 02:16 - 2013-07-31 17:46 - 01806364 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-11-14 02:15 - 2013-08-01 17:16 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-11-14 02:07 - 2013-07-31 17:41 - 00000000 ____D () C:\winkmd
2014-11-13 05:12 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-12 22:38 - 2013-10-18 10:54 - 00000000 ____D () C:\Users\acer
2014-11-12 22:31 - 2013-08-22 21:44 - 00388504 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-12 22:29 - 2013-08-22 22:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-12 22:29 - 2013-08-22 22:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-12 22:29 - 2013-08-22 22:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-12 22:29 - 2013-08-22 22:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-12 18:43 - 2013-08-11 00:35 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-11-12 18:31 - 2013-08-11 17:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG
2014-11-12 18:31 - 2013-04-18 17:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-12 18:30 - 2014-07-18 10:55 - 00000000 ____D () C:\Users\acer\AppData\Local\Downloaded Installations
2014-11-12 17:01 - 2013-08-12 03:54 - 00000000 ____D () C:\Users\acer\AppData\Roaming\vlc
2014-11-12 13:11 - 2013-08-04 22:22 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-12 13:09 - 2013-08-01 23:55 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-09 17:58 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\system32\NDF

Some content of TEMP:
====================
C:\Users\acer\AppData\Local\Temp\Quarantine.exe
C:\Users\acer\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-28 02:32

==================== End Of Log ============================

--- --- --- --- --- ---

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2014 02
Ran by acer at 2014-12-08 15:13:21
Running from C:\Users\acer\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
ABBYY FineReader 11 (HKLM-x32\...\{F11000FE-0010-0000-0000-074957833700}) (Version: 11.11.194 - ABBYY Production LLC)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{81C6F800-A69B-4E70-9DC0-74732F8B00E7}) (Version: 1.00.3015 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3003 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
Acer System Information (HKLM-x32\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)
Acer USB Charge Manager (HKLM\...\{07E867C5-0C48-40FF-A013-DDAF4565AD47}) (Version: 2.00.3003 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
Acronis True Image 2014 (HKLM-x32\...\{3ECDD663-5AF8-489B-9E3C-561F33A271BD}Visible) (Version: 17.0.6673 - Acronis)
Acronis True Image 2014 (x32 Version: 17.0.6673 - Acronis) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
BEETmobile (HKLM-x32\...\{AC843048-1628-421B-AEEB-F86FFAEBFA91}) (Version: 1.0.21.0 - BEETmobile AG)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: 6.30.59.118 - Broadcom Corporation)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: - )
Canon MP Navigator EX 4.1 (HKLM-x32\...\MP Navigator EX 4.1) (Version: - )
Canon MX420 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX420_series) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
Clock Screen Saver (HKLM-x32\...\{C7A8AA10-B632-42F8-9F57-A16FDCE0601E}) (Version: 1.70 - ABF software)
Creative Movie Maker 1.0.8.0 (HKLM-x32\...\Creative Movie Maker) (Version: 1.0.8.0 - SAMSUNG)
CUEcards 2000 (HKLM-x32\...\CUEcards 2000) (Version: - Marcus Humann Software-Technik)
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
DriverTuner 3.1.0.1 (HKLM-x32\...\{520C1D80-935C-42B9-9340-E883849D804F}_is1) (Version: 3.1.0.1 - LionSea SoftWare)
ETDWare PS/2-X64 11.6.19.204_WHQL (HKLM\...\Elantech) (Version: 11.6.19.204 - ELAN Microelectronic Corp.)
FinePrint (HKLM\...\FinePrint) (Version: 7.10 - FinePrint Software, LLC)
Foxit Phantom (HKLM-x32\...\Foxit Phantom) (Version: 2.0.0.0424 - Foxit Software Company)
Free YouTube Download version 3.2.30.319 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.30.319 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3907 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
LibreOffice 4.1.0.4 (HKLM-x32\...\{F8478020-D98E-49FB-BA14-07A534AED99C}) (Version: 4.1.0.4 - The Document Foundation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
MadAppLauncher version 1.10.0.0 (HKLM-x32\...\{73F59F3E-E753-4D3D-B123-B497B74A549A}_is1) (Version: 1.10.0.0 - Roberto Concepcion)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-1606645829-3171774752-743400600-1002\...\MyFreeCodec) (Version: - )
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
NVIDIA Grafiktreiber 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Opera Stable 16.0.1196.80 (HKLM-x32\...\Opera 16.0.1196.80) (Version: 16.0.1196.80 - Opera Software ASA)
Opera Stable 26.0.1656.32 (HKLM-x32\...\Opera 26.0.1656.32) (Version: 26.0.1656.32 - Opera Software ASA)
pdfFactory Pro (HKLM\...\pdfFactory Pro) (Version: - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.39 - Qualcomm Atheros)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.28130 - Realtek Semiconductor Corp.)
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version: 3.1.32.1 - Samsung Electronics Co., Ltd.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_16 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14044_16 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) SlimDrivers (HKLM-x32\...\{3CF3DEF4-ED15-4F7B-9320-C3E1081EA4DA}) (Version: 2.2.30877 - SlimWare Utilities, Inc.) Stellarium 0.13.0 (HKLM-x32\...\Stellarium_is1) (Version: 0.13.0 - Stellarium team) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.4.5 - Synaptics Incorporated) Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH) TreeSize Free V2.7 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.7 - JAM Software) TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation) UltraISO Premium V9.3 (HKLM-x32\...\UltraISO_is1) (Version: - ) Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.4 - VMware, Inc) VMware Workstation (Version: 10.0.4 - VMware, Inc.) Hidden WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) Wise Registry Cleaner 7.87 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 7.87 - WiseCleaner.com, Inc.) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
CustomCLSID: HKU\S-1-5-21-1606645829-3171774752-743400600-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1606645829-3171774752-743400600-1002_Classes\CLSID\{D0B669BA-7996-E234-D2CB-47FB79199921}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Corporation)

==================== Restore Points =========================

20-11-2014 16:57:52 Windows Update
27-11-2014 06:52:36 Windows Update
04-12-2014 22:42:56 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 20:25 - 2013-08-22 20:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {048EDF98-5395-4B4A-A4AE-0C01C2AD25C5} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2013-02-09] ()
Task: {05A648A4-192E-4AA1-8248-EAA5D09068B3} - System32\Tasks\acer => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe
Task: {0F627169-0FDB-4E7C-8C17-7B84AF7C7292} - System32\Tasks\acer Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe
Task: {1030B209-104A-4F1F-ADB1-5AE4DA2CAAF2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-15] (Google Inc.)
Task: {198A8E5A-9383-4CF4-AC36-1198FBCEB7DC} - System32\Tasks\BEETmobile => C:\Program Files (x86)\BEETmobile\BEETmobile.exe [2012-10-30] (BEETmobile)
Task: {2B4F6991-2417-4067-BFAA-8943D9E444FC} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {3977844E-7DC1-4E6B-B9A4-179B42995CC1} - System32\Tasks\Opera scheduled Autoupdate 1379176262 => C:\Program Files (x86)\Opera\launcher.exe [2014-11-25] (Opera Software)
Task: {6CC68A39-B2A0-4683-841D-82FB9D5598CC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-11-12] (Microsoft Corporation)
Task: {6DDC6F2E-A819-4026-9262-9C6AAB6E838C} - System32\Tasks\acer DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
Task: {79F03329-3C73-4BF6-A489-F2D80A84AA9D} - \Browser Updater\Browser Updater No Task File <==== ATTENTION
Task: {821453E6-0E72-4560-8BE6-D7FF27264BA9} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2013-02-09] ()
Task: {844876FE-AB3F-4EEA-9BB7-F4924DD96CE5} - System32\Tasks\acer1 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe
Task: {8F2B5D50-FC49-4F37-99F2-E4CA803398A2} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {93882C87-2DE1-45FD-931C-51992246DD6D} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe
Task: {972E839B-849C-4E34-9B06-255B9ACFA0DE} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-03-15] (Acer Incorporate)
Task: {A836CAD0-0538-4B95-A906-A2F787E74187} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-07-10] (SlimWare Utilities, Inc.)
Task: {C8063A97-2BEA-42FF-B932-1166CAD7030D} - System32\Tasks\acer1 Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe
Task: {E0016269-49ED-4B59-9C2E-237CEE23361A} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {EA4EC7A7-E499-44A4-952C-39D6CF30D548} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26] (Adobe Systems Incorporated)
Task: {EB7F87E2-3C1C-4C60-B0BD-893F0C1EFAF3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-15] (Google Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe

==================== Loaded Modules (whitelisted) =============

2014-04-23 20:41 - 2013-11-01 04:43 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-04-28 01:43 - 2013-02-21 03:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2013-03-28 00:53 - 2013-10-01 10:32 - 02818216 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2014-01-25 02:22 - 2014-08-14 00:24 - 00453448 _____ () C:\WINDOWS\system32\igfxTray.exe
2013-01-25 05:09 - 2013-01-25 05:09 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-25 05:05 - 2013-01-25 05:05 - 00084992 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-25 05:12 - 2013-01-25 05:12 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2013-08-10 17:23 - 2013-03-27 02:49 - 00483328 _____ () C:\Program Files (x86)\MadAppLauncher\MadAppLauncher.exe 2013-02-09 04:24 - 2013-02-09 04:24 - 00025672 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe 2013-02-09 04:24 - 2013-02-09 04:24 - 00044616 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe 2014-11-26 09:14 - 2014-11-25 12:48 - 01408328 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll 2014-11-26 09:14 - 2014-11-25 12:48 - 00204616 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll 2014-11-26 09:14 - 2014-11-25 12:48 - 01856840 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll 2014-11-26 09:14 - 2014-11-25 12:48 - 26722120 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll 2014-11-26 09:14 - 2014-11-25 12:48 - 10689352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll 2013-07-31 17:41 - 2012-08-03 13:01 - 00150392 _____ () C:\winkmd\wcmzip64.dll 2013-07-31 17:41 - 2012-08-03 13:01 - 00201216 _____ () C:\winkmd\unRAR64.dll 2014-10-29 15:01 - 2014-10-29 15:01 - 01261272 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll 2014-02-04 18:25 - 2014-02-04 18:25 - 00036672 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll 2014-02-04 18:25 - 2014-02-04 18:25 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll 2013-10-10 12:02 - 2013-10-10 12:02 - 00013120 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll 2014-10-29 15:01 - 2014-10-29 15:01 - 00330456 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libcurl.dll 2014-10-29 15:01 - 2014-10-29 15:01 - 00319704 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libldap_r.dll 2014-10-29 15:01 - 2014-10-29 15:01 - 00146648 _____ () C:\Program Files 
(x86)\VMware\VMware Workstation\liblber.dll 2014-10-29 15:01 - 2014-10-29 15:01 - 00070360 _____ () C:\Program Files (x86)\VMware\VMware Workstation\zlib1.dll 2013-04-28 01:43 - 2013-02-21 03:58 - 00089672 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll 2014-04-23 20:39 - 2013-09-04 07:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-02-04 18:28 - 2014-02-04 18:28 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll 2014-10-19 07:57 - 2014-10-19 07:57 - 03530752 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI.Xaml\90a4331ab5b5bb3ead23d75d4349a491\Windows.UI.Xaml.ni.dll 2014-11-28 02:32 - 2014-11-28 02:32 - 00318464 _____ () C:\Users\acer\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.CdnModule\fb2a7acae28e48a3be2947dff5e7ddf2\Arkadium.CdnModule.ni.dll 2014-11-28 02:32 - 2014-11-28 02:32 - 02051584 _____ () C:\Users\acer\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Dae4911807#\7489d435538be54ecd0702765266896f\Arkadium.DailyChallengeModule.ni.dll 2014-11-28 02:32 - 2014-11-28 02:32 - 00971264 _____ () C:\Users\acer\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Wi3ea2618e#\d365c6aa928d57ab15f29976306a7c8c\Arkadium.Win8.PuzzleMode.ni.dll 2014-11-28 02:32 - 2014-11-28 02:32 - 00351744 _____ () C:\Users\acer\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\UpsellModule\4279f16002a53092370f2115565506f6\UpsellModule.ni.dll 2014-10-19 07:57 - 2014-10-19 07:57 - 00228864 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\f7e726805e56676bd7b8662a3d842b0e\Windows.Foundation.ni.dll 2014-10-19 07:57 - 2014-10-19 07:57 - 01130496 
_____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\6e37f358bf8363dad51e2333292d61a9\Windows.ApplicationModel.ni.dll 2014-10-19 07:57 - 2014-10-19 07:57 - 00960000 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI\6c2169e34bfb3814fa44f267572335f6\Windows.UI.ni.dll 2014-11-28 02:33 - 2014-11-28 02:33 - 00038400 _____ () C:\Users\acer\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Wi82189356#\bca0415f3391cdc00ac8e09b58f54b12\Arkadium.Win8.MediaPlayer.ni.dll 2014-11-28 02:32 - 2014-11-28 02:33 - 00122880 _____ () C:\Users\acer\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Ap4e5cc921#\5583b251bf3683a562057dc1688d13ff\Arkadium.ApplicationFramework.ni.dll 2014-11-28 02:33 - 2014-11-28 02:33 - 00175104 _____ () C:\Users\acer\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Acc213f109#\608d3007b8d07473c679cf531bb9b1ee\Arkadium.AchievementsModule.ni.dll 2014-11-28 02:33 - 2014-11-28 02:33 - 00264704 _____ () C:\Users\acer\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Awd4f12c8f#\028672eb91d96b23e8c1ff58daa180ad\Arkadium.AwardsModule.ni.dll 2014-11-28 02:33 - 2014-11-28 02:33 - 00374784 _____ () C:\Users\acer\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Le816657bc#\b86d8a53356b1e00b32c8f47a13aa0fb\Arkadium.LeaderboardModule.ni.dll 2014-11-28 02:33 - 2014-11-28 02:33 - 00302080 _____ () C:\Users\acer\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Wi4bbc307d#\78f0fbf277167043869e4f815073d749\Arkadium.WindowsStoreModule.ni.dll 2014-11-28 02:33 - 2014-11-28 02:33 - 00686080 _____ () 
C:\Users\acer\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Ad1735b4ba#\50d7025b9414832ddc555c93d878d7bf\Arkadium.Advertisement.ni.dll 2014-11-28 02:33 - 2014-11-28 02:33 - 00122880 _____ () C:\Users\acer\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Xaba8eb3bf#\5e88e521cd840136e9f752221bc87465\Arkadium.Xaml.Toolkit.ni.dll 2014-11-28 02:33 - 2014-11-28 02:33 - 00141312 _____ () C:\Users\acer\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.NewsModule\75267553bfe313a7bdb4709cee062f27\Arkadium.NewsModule.ni.dll 2014-11-28 02:33 - 2014-11-28 02:33 - 00215040 _____ () C:\Users\acer\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\CustomProgr3d91ab4c#\de434950c2e5136c4f235c5fbcda3ce5\CustomProgressControl.ni.dll 2014-10-08 15:14 - 2014-10-08 15:14 - 00483840 _____ () C:\Users\acer\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Microsoft.Xbox\7334cf3cd56e548536e510cce0ed4e14\Microsoft.Xbox.ni.dll 2014-10-19 07:57 - 2014-10-19 07:57 - 00770560 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Media\ca5d421f33f051f1b561add6753e4360\Windows.Media.ni.dll 2014-10-18 07:04 - 2014-10-18 07:04 - 00227328 _____ () C:\Users\acer\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\CEServices\c1cbabc316caabe260365f723757062f\CEServices.ni.dll 2014-10-19 07:57 - 2014-10-19 07:57 - 00808448 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Storage\f0a2c10499402eff632a7a7df0b4afef\Windows.Storage.ni.dll 2014-10-19 07:57 - 2014-10-19 07:57 - 00402432 _____ () 
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Security\ade4f25e9d8384f190ede9eb090281cb\Windows.Security.ni.dll 2014-05-01 13:47 - 2014-05-01 13:47 - 00238080 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Gloaae92e31#\a1306b1fdd9c22508f9e5d901fceb4cd\Windows.Globalization.ni.dll 2014-10-19 07:57 - 2014-10-19 07:57 - 00797696 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Networking\e1a2f3f274995f1f847c00f962657943\Windows.Networking.ni.dll 2014-10-18 07:04 - 2014-10-18 07:04 - 00197120 _____ () C:\Users\acer\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\MicroStudioe45cbf8f#\701c8eca3d3515aed6c0eccdcbc6ffb2\MicroStudios.HouseAdController.ni.dll 2014-11-28 02:32 - 2014-11-28 02:32 - 00337408 _____ () C:\Users\acer\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\FlurryWin8SDK\657459d53b3fbf35bb8af108cce8a0d5\FlurryWin8SDK.ni.dll 2014-10-19 07:57 - 2014-10-19 07:57 - 00133120 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.System\7819e306c2c55c42f35a5fa10b93710f\Windows.System.ni.dll 2014-05-01 13:47 - 2014-05-01 13:47 - 01282048 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Devices\bf5509cf3a0d2e3afbd0c33e9153ecbd\Windows.Devices.ni.dll 2014-05-01 13:47 - 2014-05-01 13:47 - 00304128 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Graphics\4e33edd5ee2ee09f751c0071ba0a26c3\Windows.Graphics.ni.dll 2014-10-08 15:14 - 2014-10-08 15:14 - 00041984 _____ () C:\Users\acer\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Microsoft.G42d2c636#\c9c9d32d102cd8eb4ad7d760ede11f62\Microsoft.Games.Sentient.ni.dll 2014-10-19 07:57 - 2014-10-19 07:57 - 00337920 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Data\fe565d34d4335337c06264bb0d85e3b0\Windows.Data.ni.dll 2014-10-08 15:14 - 
2014-10-08 15:14 - 00012800 _____ () C:\Users\acer\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Sh130cfbe4#\9ef21ae2ff95f96dcc5d7181d3ef82d5\Arkadium.SharpDXEngine.AudioLoader.ni.dll 2014-04-10 13:33 - 2014-04-10 13:33 - 00038912 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.5.1411.701_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.dll 2013-10-01 11:00 - 2013-10-01 11:00 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\acer\SkyDrive:ms-properties AlternateDataStreams: C:\Users\Acer_2\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKU\S-1-5-21-1606645829-3171774752-743400600-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1606645829-3171774752-743400600-1012\...\StartupApproved\Run: => "Spotify Web Helper"

========================= Accounts: ==========================

acer (S-1-5-21-1606645829-3171774752-743400600-1002 - Administrator - Enabled) => C:\Users\acer
Acer_2 (S-1-5-21-1606645829-3171774752-743400600-1010 - Limited - Enabled) => C:\Users\Acer_2
Administrator (S-1-5-21-1606645829-3171774752-743400600-500 - Administrator - Disabled)
Gast (S-1-5-21-1606645829-3171774752-743400600-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1606645829-3171774752-743400600-1009 - Limited - Enabled)
UpdatusUser (S-1-5-21-1606645829-3171774752-743400600-1012 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Intel(R) Management Engine Interface
Description: Intel(R) Management Engine Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================= Application errors: ================== Error: (12/06/2014 03:38:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Solitaire.exe, Version: 1.0.0.0, Zeitstempel: 0x545cb1db Name des fehlerhaften Moduls: combase.dll, Version: 6.3.9600.17031, Zeitstempel: 0x53086d7c Ausnahmecode: 0xc000027b Fehleroffset: 0x000fb1d7 ID des fehlerhaften Prozesses: 0x1510 Startzeit der fehlerhaften Anwendung: 0xSolitaire.exe0 Pfad der fehlerhaften Anwendung: Solitaire.exe1 Pfad des fehlerhaften Moduls: Solitaire.exe2 Berichtskennung: Solitaire.exe3 Vollständiger Name des fehlerhaften Pakets: Solitaire.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Solitaire.exe5 Error: (12/06/2014 01:23:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: MyPhoneExplorer.exe, Version: 1.8.0.6, Zeitstempel: 0x53f91b47 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc000041d Fehleroffset: 0x002cc0f3 ID des fehlerhaften Prozesses: 0x2dac Startzeit der fehlerhaften Anwendung: 0xMyPhoneExplorer.exe0 Pfad der fehlerhaften Anwendung: MyPhoneExplorer.exe1 Pfad des fehlerhaften Moduls: MyPhoneExplorer.exe2 Berichtskennung: MyPhoneExplorer.exe3 Vollständiger Name des fehlerhaften Pakets: MyPhoneExplorer.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MyPhoneExplorer.exe5 Error: (12/06/2014 01:23:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: MyPhoneExplorer.exe, Version: 1.8.0.6, Zeitstempel: 0x53f91b47 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x002cc0f3 ID des fehlerhaften Prozesses: 0x2dac Startzeit der fehlerhaften Anwendung: 0xMyPhoneExplorer.exe0 Pfad der fehlerhaften Anwendung: MyPhoneExplorer.exe1 Pfad des fehlerhaften Moduls: 
MyPhoneExplorer.exe2 Berichtskennung: MyPhoneExplorer.exe3 Vollständiger Name des fehlerhaften Pakets: MyPhoneExplorer.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MyPhoneExplorer.exe5 Error: (12/01/2014 01:44:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: MyPhoneExplorer.exe, Version: 1.8.0.6, Zeitstempel: 0x53f91b47 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc000041d Fehleroffset: 0x00ae52a7 ID des fehlerhaften Prozesses: 0x27a4 Startzeit der fehlerhaften Anwendung: 0xMyPhoneExplorer.exe0 Pfad der fehlerhaften Anwendung: MyPhoneExplorer.exe1 Pfad des fehlerhaften Moduls: MyPhoneExplorer.exe2 Berichtskennung: MyPhoneExplorer.exe3 Vollständiger Name des fehlerhaften Pakets: MyPhoneExplorer.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MyPhoneExplorer.exe5 Error: (12/01/2014 01:44:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: MyPhoneExplorer.exe, Version: 1.8.0.6, Zeitstempel: 0x53f91b47 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00ae52a7 ID des fehlerhaften Prozesses: 0x27a4 Startzeit der fehlerhaften Anwendung: 0xMyPhoneExplorer.exe0 Pfad der fehlerhaften Anwendung: MyPhoneExplorer.exe1 Pfad des fehlerhaften Moduls: MyPhoneExplorer.exe2 Berichtskennung: MyPhoneExplorer.exe3 Vollständiger Name des fehlerhaften Pakets: MyPhoneExplorer.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MyPhoneExplorer.exe5 Error: (11/30/2014 05:27:21 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "Recovery" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. 
(0x80070057) Error: (11/29/2014 02:34:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: MyPhoneExplorer.exe, Version: 1.8.0.6, Zeitstempel: 0x53f91b47 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc000041d Fehleroffset: 0x00305d5f ID des fehlerhaften Prozesses: 0x2728 Startzeit der fehlerhaften Anwendung: 0xMyPhoneExplorer.exe0 Pfad der fehlerhaften Anwendung: MyPhoneExplorer.exe1 Pfad des fehlerhaften Moduls: MyPhoneExplorer.exe2 Berichtskennung: MyPhoneExplorer.exe3 Vollständiger Name des fehlerhaften Pakets: MyPhoneExplorer.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MyPhoneExplorer.exe5 Error: (11/29/2014 02:34:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: MyPhoneExplorer.exe, Version: 1.8.0.6, Zeitstempel: 0x53f91b47 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00305d5f ID des fehlerhaften Prozesses: 0x2728 Startzeit der fehlerhaften Anwendung: 0xMyPhoneExplorer.exe0 Pfad der fehlerhaften Anwendung: MyPhoneExplorer.exe1 Pfad des fehlerhaften Moduls: MyPhoneExplorer.exe2 Berichtskennung: MyPhoneExplorer.exe3 Vollständiger Name des fehlerhaften Pakets: MyPhoneExplorer.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MyPhoneExplorer.exe5 Error: (11/29/2014 06:31:55 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "Recovery" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057) Error: (11/28/2014 02:34:58 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "Recovery" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. 
(0x80070057) System errors: ============= Error: (12/08/2014 10:41:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Seagate Scheduler2 Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (12/08/2014 10:41:17 AM) (Source: MEIx64) (EventID: 3) (User: ) Description: Intel(R) Management Engine Interface driver has failed to perform handshake with the Firmware. Error: (12/08/2014 10:30:09 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst PlugPlay erreicht. Error: (12/08/2014 10:29:39 AM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Der Dienst Acronis Nonstop Backup Service konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden. Error: (12/08/2014 10:28:08 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SystemEventsBroker erreicht. Error: (12/08/2014 10:27:38 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst DcomLaunch erreicht. Error: (12/08/2014 10:27:08 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst BrokerInfrastructure erreicht. Error: (12/08/2014 10:25:57 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. 
Fehler: %%1056 Error: (12/08/2014 10:25:57 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "Windows Search" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1070 Error: (12/08/2014 10:25:56 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Windows Search" wurde nicht richtig gestartet. Microsoft Office Sessions: ========================= Error: (12/06/2014 03:38:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Solitaire.exe1.0.0.0545cb1dbcombase.dll6.3.9600.1703153086d7cc000027b000fb1d7151001d00a7536f38316C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.5.1411.701_x86__8wekyb3d8bbwe\Solitaire.exeC:\WINDOWS\SYSTEM32\combase.dll494dd876-7d23-11e4-bf80-1c3e842c03ccMicrosoft.MicrosoftSolitaireCollection_2.5.1411.701_x86__8wekyb3d8bbweApp Error: (12/06/2014 01:23:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: MyPhoneExplorer.exe1.8.0.653f91b47unknown0.0.0.000000000c000041d002cc0f32dac01d0110d0fb3f1adC:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exeunknown6047d434-7d10-11e4-bf80-1c3e842c03cc Error: (12/06/2014 01:23:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: MyPhoneExplorer.exe1.8.0.653f91b47unknown0.0.0.000000000c0000005002cc0f32dac01d0110d0fb3f1adC:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exeunknown5f09c313-7d10-11e4-bf80-1c3e842c03cc Error: (12/01/2014 01:44:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: MyPhoneExplorer.exe1.8.0.653f91b47unknown0.0.0.000000000c000041d00ae52a727a401d00d2ff50bbfd0C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exeunknown9152df2a-7925-11e4-bf80-1c3e842c03cc Error: (12/01/2014 01:44:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: 
MyPhoneExplorer.exe1.8.0.653f91b47unknown0.0.0.000000000c000000500ae52a727a401d00d2ff50bbfd0C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exeunknown9035952d-7925-11e4-bf80-1c3e842c03cc Error: (11/30/2014 05:27:21 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: RecoveryFalscher Parameter. (0x80070057) Error: (11/29/2014 02:34:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: MyPhoneExplorer.exe1.8.0.653f91b47unknown0.0.0.000000000c000041d00305d5f272801d00ba090eb4fc8C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exeunknown1663579e-779a-11e4-bf80-1c3e842c03cc Error: (11/29/2014 02:34:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: MyPhoneExplorer.exe1.8.0.653f91b47unknown0.0.0.000000000c000000500305d5f272801d00ba090eb4fc8C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exeunknown1515d681-779a-11e4-bf80-1c3e842c03cc Error: (11/29/2014 06:31:55 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: RecoveryFalscher Parameter. (0x80070057) Error: (11/28/2014 02:34:58 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: RecoveryFalscher Parameter. 
(0x80070057)

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz
Percentage of memory in use: 63%
Total physical RAM: 32648.27 MB
Available physical RAM: 11988.26 MB
Total Pagefile: 37512.27 MB
Available Pagefile: 18765.44 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:220.66 GB) (Free:101.5 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:14.57 GB) NTFS
Drive h: (Seagate Backup Plus Drive) (Fixed) (Total:3726.02 GB) (Free:948.84 GB) NTFS
Drive x: () (Fixed) (Total:1862.98 GB) (Free:913.79 GB) NTFS
Drive y: () (Fixed) (Total:130 GB) (Free:18.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: EC9225A9)
Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: EC922593)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================ |
08.12.2014, 09:30 | #5 |
| adfoc.us opens unwanted websites
14:16:48.0168 0x192c TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
14:16:48.0168 0x192c UEFI system
14:16:52.0636 0x192c ============================================================
14:16:52.0636 0x192c Current date / time: 2014/12/08 14:16:52.0636
14:16:52.0636 0x192c SystemInfo:
14:16:52.0636 0x192c
14:16:52.0636 0x192c OS Version: 6.3.9600 ServicePack: 0.0
14:16:52.0636 0x192c Product type: Workstation
14:16:52.0636 0x192c ComputerName: ACER32
14:16:52.0636 0x192c UserName: acer
14:16:52.0636 0x192c Windows directory: C:\WINDOWS
14:16:52.0636 0x192c System windows directory: C:\WINDOWS
14:16:52.0636 0x192c Running under WOW64
14:16:52.0636 0x192c Processor architecture: Intel x64
14:16:52.0636 0x192c Number of processors: 8
14:16:52.0636 0x192c Page size: 0x1000
14:16:52.0636 0x192c Boot type: Normal boot
14:16:52.0636 0x192c ============================================================
14:16:52.0701 0x192c KLMD registered as C:\WINDOWS\system32\drivers\80552638.sys
14:16:52.0839 0x192c System UUID: {BF051405-AEFD-848D-A910-0E5C56134627}
14:17:04.0420 0x192c Drive \Device\Harddisk3\DR3 - Size: 0x3A3817D5000 ( 3726.02 Gb ), SectorSize: 0x1000, Cylinders: 0xED80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K1', Flags 0x00000040
14:17:04.0422 0x192c Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:17:04.0452 0x192c Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:17:09.0603 0x192c Drive \Device\Harddisk2\DR2 - Size: 0x1D1BF100000 ( 1862.99 Gb ), SectorSize: 0x200, Cylinders: 0x3B5FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:17:09.0607 0x192c Drive \Device\Harddisk3\DR3 - Size: 0x3A3817D5000 ( 3726.02 Gb ), SectorSize: 0x1000, Cylinders: 0xED80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:17:09.0609 0x192c ============================================================
14:17:09.0609 0x192c \Device\Harddisk3\DR3:
14:17:09.0610 0x192c MBR partitions:
14:17:09.0610 0x192c \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A380FD5
14:17:09.0610 0x192c \Device\Harddisk0\DR0:
14:17:09.0610 0x192c GPT partitions:
14:17:09.0610 0x192c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {B4FE561B-78CB-4A40-831F-5A3D79C52052}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
14:17:09.0610 0x192c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {38D8E145-C955-45E9-AE8B-DF077B9E1C34}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x96000
14:17:09.0610 0x192c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {4B845DFD-03EE-43D1-95BF-9D17CCF46D08}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
14:17:09.0610 0x192c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E07744CC-AA98-453A-AB6F-22D46E5D2073}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x1B951800
14:17:09.0610 0x192c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {FB21C1F4-3EE6-403C-8537-7A026AC55278}, Name: Basic data partition, StartLBA 0x1BAF0000, BlocksNum 0x2203000
14:17:09.0610 0x192c MBR partitions:
14:17:09.0610 0x192c \Device\Harddisk1\DR1:
14:17:09.0612 0x192c MBR partitions:
14:17:09.0612 0x192c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
14:17:09.0612 0x192c \Device\Harddisk2\DR2:
14:17:09.0613 0x192c MBR partitions:
14:17:09.0613 0x192c \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8DF8000
14:17:09.0613
0x192c \Device\Harddisk3\DR3: 14:17:09.0613 0x192c MBR partitions: 14:17:09.0613 0x192c \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A380FD5 14:17:09.0613 0x192c ============================================================ 14:17:09.0613 0x192c C: <-> \Device\Harddisk0\DR0\Partition4 14:17:09.0654 0x192c D: <-> \Device\Harddisk1\DR1\Partition1 14:17:09.0684 0x192c H: <-> \Device\Harddisk3\DR3\Partition1 14:17:09.0684 0x192c ============================================================ 14:17:09.0684 0x192c Initialize success 14:17:09.0684 0x192c ============================================================ 14:17:57.0347 0x114c ============================================================ 14:17:57.0347 0x114c Scan started 14:17:57.0347 0x114c Mode: Manual; SigCheck; TDLFS; 14:17:57.0347 0x114c ============================================================ 14:17:57.0347 0x114c KSN ping started 14:18:20.0166 0x114c KSN ping finished: true 14:19:35.0343 0x114c ================ Scan system memory ======================== 14:19:35.0343 0x114c System memory - ok 14:19:35.0343 0x114c ================ Scan services ============================= 14:19:35.0377 0x114c [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys 14:19:35.0404 0x114c 1394ohci - ok 14:19:35.0411 0x114c [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys 14:19:35.0420 0x114c 3ware - ok 14:19:35.0442 0x114c [ 191D0B8020E9997252FA035700769BAA, E9CB88EAD148E823283013F356C2F835791BA88F06DE92688B41D3647006705E ] ABBYY.Licensing.FineReader.Professional.11.0 C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe 14:19:35.0484 0x114c ABBYY.Licensing.FineReader.Professional.11.0 - ok 14:19:35.0500 0x114c [ 9539F7917B4B6D92C90F0FAA6B86C605, 
B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys 14:19:35.0522 0x114c ACPI - ok 14:19:35.0526 0x114c [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys 14:19:35.0535 0x114c acpiex - ok 14:19:35.0538 0x114c [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys 14:19:35.0545 0x114c acpipagr - ok 14:19:35.0548 0x114c [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys 14:19:35.0557 0x114c AcpiPmi - ok 14:19:35.0561 0x114c [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys 14:19:35.0576 0x114c acpitime - ok 14:19:35.0597 0x114c [ CD41DFA7A778555B2055E2D388F5CB33, AE149AB7823AE3A97E2826C06968F32A7E50331484203E4581C83E441A1680F9 ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe 14:19:35.0650 0x114c AcrSch2Svc - ok 14:19:35.0667 0x114c [ F79623288F2A357AB20288B5DC4F452A, AA6F70A4C12E390E08074D6FD0EA0D1856D8274DA833E56A8811BF820A2D41D4 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 14:19:35.0677 0x114c AdobeFlashPlayerUpdateSvc - ok 14:19:35.0694 0x114c [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS 14:19:35.0717 0x114c ADP80XX - ok 14:19:35.0725 0x114c [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll 14:19:35.0740 0x114c AeLookupSvc - ok 14:19:35.0749 0x114c [ ABCF9C80EAACE03021BB7F450EB8993F, 
8E38726C423E82954CA85266D6F38B605D010A659420A4EF99D29035A9474BFB ] afcdp C:\WINDOWS\system32\DRIVERS\afcdp.sys 14:19:35.0765 0x114c afcdp - ok 14:19:35.0832 0x114c [ 3B1C11CB7006495F799F8A2AB8B2D530, B7B0C4922A1843BBF8104CDC705C4FEA1F1A760C1CC2BD6BC5E4213A0E4ED9FD ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe 14:19:35.0954 0x114c afcdpsrv - ok 14:19:35.0970 0x114c [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\WINDOWS\system32\drivers\afd.sys 14:19:35.0989 0x114c AFD - ok 14:19:35.0998 0x114c [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys 14:19:36.0008 0x114c agp440 - ok 14:19:36.0013 0x114c [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys 14:19:36.0022 0x114c ahcache - ok 14:19:36.0026 0x114c [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG C:\WINDOWS\System32\alg.exe 14:19:36.0037 0x114c ALG - ok 14:19:36.0043 0x114c [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys 14:19:36.0052 0x114c AmdK8 - ok 14:19:36.0056 0x114c [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys 14:19:36.0066 0x114c AmdPPM - ok 14:19:36.0071 0x114c [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys 14:19:36.0079 0x114c amdsata - ok 14:19:36.0086 0x114c [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys 14:19:36.0099 0x114c amdsbs - ok 14:19:36.0102 0x114c [ 
CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys 14:19:36.0110 0x114c amdxata - ok 14:19:36.0120 0x114c [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID C:\WINDOWS\system32\drivers\appid.sys 14:19:36.0133 0x114c AppID - ok 14:19:36.0139 0x114c [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll 14:19:36.0147 0x114c AppIDSvc - ok 14:19:36.0152 0x114c [ 034ED41F13D9C1845C1E081F05B640DB, E4E17BA0B22C464DE60A6BF68D4D035D1B838DE4F0361029DED1AE00503E135C ] Appinfo C:\WINDOWS\System32\appinfo.dll 14:19:36.0163 0x114c Appinfo - ok 14:19:36.0176 0x114c [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll 14:19:36.0197 0x114c AppReadiness - ok 14:19:36.0232 0x114c [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll 14:19:36.0270 0x114c AppXSvc - ok 14:19:36.0277 0x114c [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys 14:19:36.0288 0x114c arcsas - ok 14:19:36.0291 0x114c [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 14:19:36.0300 0x114c AsyncMac - ok 14:19:36.0305 0x114c [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys 14:19:36.0311 0x114c atapi - ok 14:19:36.0316 0x114c [ 62A40F3DFF2B40915A1981285B14EFD4, 02F19978D153E816A6A879F6D0D67B2AB89F5964B86953F11B82D9970C3ED963 ] AthBTPort C:\WINDOWS\system32\DRIVERS\btath_flt.sys 
14:19:36.0322 0x114c AthBTPort - ok 14:19:36.0329 0x114c [ A917E4F753B90A5181ECBFA56D5C154A, 4025FC65AB44AE5FDF6D144F16873C1E165D9EB7C4BF0570C996F2D7C8B71A1E ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\AdminService.exe 14:19:36.0356 0x114c AtherosSvc - ok 14:19:36.0421 0x114c [ 1BBC9DC016F64B5031A35BBD0C037761, BAFD26CC089FF51E98143E4D42A54740058CD102245C79D104EF9FFE3F9F1B61 ] athr C:\WINDOWS\system32\DRIVERS\athw8x.sys 14:19:36.0503 0x114c athr - ok 14:19:36.0513 0x114c [ 7F70B1044272982AAEA7C16E83424770, A7694D38DF5A0E1040688017DB811EF0788874FE505ADD572DE4D4647073DC12 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll 14:19:36.0527 0x114c AudioEndpointBuilder - ok 14:19:36.0545 0x114c [ C0484CA5C7F87E38909746B63C7FC868, 65159639E2300AEA886184E9D47D449350DAF69A8AA2F9DBD6BD8A474BA73177 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll 14:19:36.0569 0x114c Audiosrv - ok 14:19:36.0575 0x114c [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 14:19:36.0584 0x114c AxInstSV - ok 14:19:36.0596 0x114c [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys 14:19:36.0615 0x114c b06bdrv - ok 14:19:36.0618 0x114c [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys 14:19:36.0627 0x114c BasicDisplay - ok 14:19:36.0631 0x114c [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 14:19:36.0646 0x114c BasicRender - ok 14:19:36.0651 0x114c [ 46F541CA78A10E754D7CB55867ED358E, B279AB4A8A9026F2049803654F030DD06DAB6912260B92ABD42EC269623FAB69 ] BCM42RLY C:\WINDOWS\system32\drivers\BCM42RLY.sys 14:19:36.0656 0x114c BCM42RLY - ok 14:19:36.0660 0x114c [ 
C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys 14:19:36.0666 0x114c bcmfn2 - ok 14:19:36.0684 0x114c [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 14:19:36.0698 0x114c BDESVC - ok 14:19:36.0702 0x114c [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys 14:19:36.0709 0x114c Beep - ok 14:19:36.0726 0x114c [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE C:\WINDOWS\System32\bfe.dll 14:19:36.0750 0x114c BFE - ok 14:19:36.0771 0x114c [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS C:\WINDOWS\System32\qmgr.dll 14:19:36.0801 0x114c BITS - ok 14:19:36.0805 0x114c [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 14:19:36.0815 0x114c bowser - ok 14:19:36.0823 0x114c [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 14:19:36.0837 0x114c BrokerInfrastructure - ok 14:19:36.0843 0x114c [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser C:\WINDOWS\System32\browser.dll 14:19:36.0854 0x114c Browser - ok 14:19:36.0863 0x114c [ 6BF12F3F3A5D3F2866E69B8B463BC0CD, E6D3358ABCF16ED2E68A93171C5E84D797137898BB2231E26FF0E4A07B8ADB22 ] BTATH_A2DP C:\WINDOWS\system32\drivers\btath_a2dp.sys 14:19:36.0876 0x114c BTATH_A2DP - ok 14:19:36.0886 0x114c [ DC7038090A369FE866B76DB18E356558, 6782DBDDA352FBF8C2F5F6A90591794B569F2897AA5BD901AF062E774E734E48 ] btath_avdt C:\WINDOWS\system32\drivers\btath_avdt.sys 14:19:36.0893 0x114c btath_avdt - ok 
14:19:36.0899 0x114c [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP C:\WINDOWS\System32\drivers\btath_hcrp.sys 14:19:36.0907 0x114c BTATH_HCRP - ok 14:19:36.0911 0x114c [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys 14:19:36.0916 0x114c BTATH_LWFLT - ok 14:19:36.0923 0x114c [ A6019537D6125099363F90D0C6D181F9, CA0C46AABBF71E2A29C93A477A06D33E3CACC84978DD9D729BEFB339E50D7055 ] BTATH_RCP C:\WINDOWS\System32\drivers\btath_rcp.sys 14:19:36.0929 0x114c BTATH_RCP - ok 14:19:36.0944 0x114c [ 239A81CC18170F3369D389DA65E74342, 5E26976176A6651B149784B1ED86ECCA133B7755EBB8B04361A8DDB705767AA3 ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys 14:19:36.0959 0x114c BtFilter - ok 14:19:36.0964 0x114c [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 14:19:36.0973 0x114c BthAvrcpTg - ok 14:19:36.0977 0x114c [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys 14:19:36.0990 0x114c BthEnum - ok 14:19:36.0993 0x114c [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 14:19:37.0003 0x114c BthHFEnum - ok 14:19:37.0006 0x114c [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 14:19:37.0014 0x114c bthhfhid - ok 14:19:37.0023 0x114c [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\WINDOWS\System32\drivers\BthLEEnum.sys 14:19:37.0043 0x114c BthLEEnum - ok 14:19:37.0047 0x114c [ EF4B9E7C9AD88C00C18A12B0D22D1894, 
672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 14:19:37.0068 0x114c BTHMODEM - ok 14:19:37.0073 0x114c [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys 14:19:37.0097 0x114c BthPan - ok 14:19:37.0126 0x114c [ 97B9076611291AE4C4C107BC915BD026, 0A77873AAF1ADB76CAB98A84D2242781E34E2699632E45EB92ED7DB20B2BE0C1 ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys 14:19:37.0177 0x114c BTHPORT - ok 14:19:37.0182 0x114c [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv C:\WINDOWS\system32\bthserv.dll 14:19:37.0191 0x114c bthserv - ok 14:19:37.0199 0x114c [ 23E75BED9076F856B36F5F934BBD5795, CCEB72B788522B7D52A6C07646005EBC68F9599D3714ECACF3A194CA47A1BE85 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys 14:19:37.0217 0x114c BTHUSB - ok 14:19:37.0264 0x114c [ 843F5EFF90A988617C5FFD8596A2B571, 69FF9731876E1CBA4BBF00557F0CBC73247165F8EB45F45A55CC0178A7B90D44 ] CCDMonitorService C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe 14:19:37.0318 0x114c CCDMonitorService - ok 14:19:37.0325 0x114c [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 14:19:37.0334 0x114c cdfs - ok 14:19:37.0341 0x114c [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 14:19:37.0351 0x114c cdrom - ok 14:19:37.0358 0x114c [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 14:19:37.0373 0x114c CertPropSvc - ok 14:19:37.0378 0x114c [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys 
14:19:37.0386 0x114c circlass - ok 14:19:37.0395 0x114c [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 14:19:37.0409 0x114c CLFS - ok 14:19:37.0417 0x114c [ 16080706CF270608F191A9E0BDBC8513, BBBEA6C16D525C49A64E166763B9D82215C80A36D78C1E96C72499FAD8F362E3 ] CLKMSVC10_96E434EB C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\NavFilter\kmsvc.exe 14:19:37.0427 0x114c CLKMSVC10_96E434EB - ok 14:19:37.0435 0x114c [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 14:19:37.0442 0x114c CmBatt - ok 14:19:37.0456 0x114c [ 4E1207CE16E615B0B7A70DC889F4500E, 1778D5AC0AF5F5DD1551192F4CDBCCB9878995155CF337EBB03460A6FD5C6B78 ] CNG C:\WINDOWS\system32\Drivers\cng.sys 14:19:37.0480 0x114c CNG - ok 14:19:37.0486 0x114c [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys 14:19:37.0494 0x114c CompositeBus - ok 14:19:37.0497 0x114c COMSysApp - ok 14:19:37.0505 0x114c [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys 14:19:37.0513 0x114c condrv - ok 14:19:37.0533 0x114c [ 5E0493ED36092F22C6E189ADA4DD3199, BAD7CEB3DFA4C54F0E8AB76805B7D7AF9C06DDEC7ACFA73E4EBF8EA3E3D578ED ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 14:19:37.0595 0x114c cphs - ok 14:19:37.0601 0x114c [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 14:19:37.0613 0x114c CryptSvc - ok 14:19:37.0616 0x114c [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys 14:19:37.0625 0x114c dam - ok 14:19:37.0640 0x114c [ 81979817943D830BF24571B7C1B28A1A, 
9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 14:19:37.0665 0x114c DcomLaunch - ok 14:19:37.0676 0x114c [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc C:\WINDOWS\System32\defragsvc.dll 14:19:37.0695 0x114c defragsvc - ok 14:19:37.0705 0x114c [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll 14:19:37.0722 0x114c DeviceAssociationService - ok 14:19:37.0737 0x114c [ D06DB4200F9444B2386E6C0E68CD574A, 7266A22D6AF86813CF8AB13BE40384D20C24CE72EF75B0C467C5F88F5B058B1E ] DeviceFastLaneService C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe 14:19:37.0763 0x114c DeviceFastLaneService - ok 14:19:37.0767 0x114c [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 14:19:37.0780 0x114c DeviceInstall - ok 14:19:37.0785 0x114c [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 14:19:37.0804 0x114c Dfsc - ok 14:19:37.0813 0x114c [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 14:19:37.0828 0x114c Dhcp - ok 14:19:37.0834 0x114c [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys 14:19:37.0843 0x114c disk - ok 14:19:37.0846 0x114c [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 14:19:37.0853 0x114c dmvsc - ok 14:19:37.0861 0x114c [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache 
C:\WINDOWS\System32\dnsrslvr.dll 14:19:37.0875 0x114c Dnscache - ok 14:19:37.0883 0x114c [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\WINDOWS\System32\dot3svc.dll 14:19:37.0896 0x114c dot3svc - ok 14:19:37.0902 0x114c [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\WINDOWS\system32\dps.dll 14:19:37.0920 0x114c DPS - ok 14:19:37.0923 0x114c [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 14:19:37.0936 0x114c drmkaud - ok 14:19:37.0947 0x114c [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 14:19:37.0962 0x114c DsmSvc - ok 14:19:37.0990 0x114c [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 14:19:38.0032 0x114c DXGKrnl - ok 14:19:38.0037 0x114c [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\WINDOWS\System32\eapsvc.dll 14:19:38.0049 0x114c Eaphost - ok 14:19:38.0106 0x114c [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 14:19:38.0193 0x114c ebdrv - ok 14:19:38.0200 0x114c [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\WINDOWS\System32\lsass.exe 14:19:38.0208 0x114c EFS - ok 14:19:38.0212 0x114c [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 14:19:38.0220 0x114c EhStorClass - ok 14:19:38.0226 0x114c [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] 
EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 14:19:38.0235 0x114c EhStorTcgDrv - ok 14:19:38.0249 0x114c [ 616E1B9130314EB0E331197940AA625B, A4736A31EFF6D35A27B0EC14A7C855B7577301500E20CE936B0F1C0013F0FDF0 ] ePowerSvc C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe 14:19:38.0265 0x114c ePowerSvc - ok 14:19:38.0270 0x114c [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 14:19:38.0276 0x114c ErrDev - ok 14:19:38.0286 0x114c [ F3AED65F54A867CE73D76BA6032E3BDD, 488B65C2574655AC9C9231FF0B677CB3B90C38689D4DE592D8060091AFB83445 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys 14:19:38.0298 0x114c ETD - ok 14:19:38.0301 0x114c [ 4298A4CAFBA0D4017955DA40085D0F88, 0A62508AF7A587C05546646AE417443E44F790BE7BCE3E20A267723FFA1C7A1A ] ETDService C:\Program Files\Elantech\ETDService.exe 14:19:38.0310 0x114c ETDService - ok 14:19:38.0328 0x114c [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\WINDOWS\system32\es.dll 14:19:38.0344 0x114c EventSystem - ok 14:19:38.0350 0x114c [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 14:19:38.0365 0x114c exfat - ok 14:19:38.0372 0x114c [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 14:19:38.0383 0x114c fastfat - ok 14:19:38.0397 0x114c [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\WINDOWS\system32\fxssvc.exe 14:19:38.0417 0x114c Fax - ok 14:19:38.0421 0x114c [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 14:19:38.0428 0x114c fdc - ok 14:19:38.0432 0x114c [ DC1A78BCCCB7EE53D6FD3BD615A8E222, 
EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\WINDOWS\system32\fdPHost.dll 14:19:38.0444 0x114c fdPHost - ok 14:19:38.0448 0x114c [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub C:\WINDOWS\system32\fdrespub.dll 14:19:38.0462 0x114c FDResPub - ok 14:19:38.0467 0x114c [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc C:\WINDOWS\system32\fhsvc.dll 14:19:38.0479 0x114c fhsvc - ok 14:19:38.0484 0x114c [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 14:19:38.0493 0x114c FileInfo - ok 14:19:38.0497 0x114c [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 14:19:38.0508 0x114c Filetrace - ok 14:19:38.0512 0x114c [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 14:19:38.0519 0x114c flpydisk - ok 14:19:38.0534 0x114c [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 14:19:38.0548 0x114c FltMgr - ok 14:19:38.0554 0x114c [ FDD776FAC4159A2983940D1E411FE9F3, 3B147B4D3C5CC67117D65152FA8BD3A603728C92B023AE45CD166E6FF3F474C5 ] fltsrv C:\WINDOWS\system32\DRIVERS\fltsrv.sys 14:19:38.0570 0x114c fltsrv - ok 14:19:38.0595 0x114c [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache C:\WINDOWS\system32\FntCache.dll 14:19:38.0631 0x114c FontCache - ok 14:19:38.0636 0x114c [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 14:19:38.0644 
0x114c FontCache3.0.0.0 - ok 14:19:38.0647 0x114c [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 14:19:38.0655 0x114c FsDepends - ok 14:19:38.0658 0x114c [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 14:19:38.0666 0x114c Fs_Rec - ok 14:19:38.0677 0x114c [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 14:19:38.0697 0x114c fvevol - ok 14:19:38.0701 0x114c [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys 14:19:38.0708 0x114c FxPPM - ok 14:19:38.0713 0x114c [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 14:19:38.0721 0x114c gagp30kx - ok 14:19:38.0724 0x114c [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 14:19:38.0736 0x114c gencounter - ok 14:19:38.0742 0x114c [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 14:19:38.0752 0x114c GPIOClx0101 - ok 14:19:38.0775 0x114c [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 14:19:38.0809 0x114c gpsvc - ok 14:19:38.0815 0x114c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 14:19:38.0822 0x114c gupdate - ok 14:19:38.0825 0x114c [ 506708142BC63DABA64F2D3AD1DCD5BF, 
|
08.12.2014, 09:31 | #6 |
| adfoc.us opens unwanted websites TDSSKiller log part 2
551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys 14:19:48.0577 0x114c sdbus - ok 14:19:48.0582 0x114c [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys 14:19:48.0590 0x114c sdstor - ok 14:19:48.0594 0x114c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys 14:19:48.0601 0x114c secdrv - ok 14:19:48.0605 0x114c [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\WINDOWS\system32\seclogon.dll 14:19:48.0616 0x114c seclogon - ok 14:19:48.0619 0x114c [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\WINDOWS\System32\sens.dll 14:19:48.0633 0x114c SENS - ok 14:19:48.0639 0x114c [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 14:19:48.0651 0x114c SensrSvc - ok 14:19:48.0655 0x114c [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys 14:19:48.0664 0x114c SerCx - ok 14:19:48.0676 0x114c [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys 14:19:48.0687 0x114c SerCx2 - ok 14:19:48.0691 0x114c [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys 14:19:48.0698 0x114c Serenum - ok 14:19:48.0703 0x114c [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys 14:19:48.0712 0x114c Serial - ok 14:19:48.0716 0x114c [ 
0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 14:19:48.0723 0x114c sermouse - ok 14:19:48.0734 0x114c [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv C:\WINDOWS\system32\sessenv.dll 14:19:48.0750 0x114c SessionEnv - ok 14:19:48.0754 0x114c [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 14:19:48.0761 0x114c sfloppy - ok 14:19:48.0764 0x114c SgtSch2Svc - ok 14:19:48.0774 0x114c [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 14:19:48.0792 0x114c SharedAccess - ok 14:19:48.0807 0x114c [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 14:19:48.0832 0x114c ShellHWDetection - ok 14:19:48.0837 0x114c [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 14:19:48.0844 0x114c SiSRaid2 - ok 14:19:48.0848 0x114c [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 14:19:48.0858 0x114c SiSRaid4 - ok 14:19:48.0860 0x114c [ 18473323B0029FFDDBC2236B3FB63153, CB12932BA1A5C3BE6F4C2287B1604757E358EB0A977ED3F327430304F8D7E230 ] SmbDrvI C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys 14:19:48.0867 0x114c SmbDrvI - ok 14:19:48.0869 0x114c [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\WINDOWS\System32\smphost.dll 14:19:48.0886 0x114c smphost - ok 14:19:48.0898 0x114c [ FBE0201AB61E18934C812C34D31A4403, 
549E51FC11CCA30B21970C90F4799D6CB94481CDC623B8C319F16DAEFC8A190B ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys 14:19:48.0919 0x114c snapman - ok 14:19:48.0923 0x114c [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 14:19:48.0933 0x114c SNMPTRAP - ok 14:19:48.0946 0x114c [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys 14:19:48.0964 0x114c spaceport - ok 14:19:48.0969 0x114c [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys 14:19:48.0978 0x114c SpbCx - ok 14:19:48.0993 0x114c [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler C:\WINDOWS\System32\spoolsv.exe 14:19:49.0019 0x114c Spooler - ok 14:19:49.0124 0x114c [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe 14:19:49.0285 0x114c sppsvc - ok 14:19:49.0301 0x114c [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys 14:19:49.0327 0x114c srv - ok 14:19:49.0345 0x114c [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys 14:19:49.0365 0x114c srv2 - ok 14:19:49.0372 0x114c [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 14:19:49.0393 0x114c srvnet - ok 14:19:49.0400 0x114c [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 14:19:49.0414 0x114c SSDPSRV - ok 14:19:49.0419 0x114c [ 
3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll 14:19:49.0432 0x114c SstpSvc - ok 14:19:49.0435 0x114c [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 14:19:49.0443 0x114c stexstor - ok 14:19:49.0456 0x114c [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\WINDOWS\System32\wiaservc.dll 14:19:49.0479 0x114c stisvc - ok 14:19:49.0483 0x114c [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 14:19:49.0493 0x114c storahci - ok 14:19:49.0497 0x114c [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys 14:19:49.0505 0x114c storflt - ok 14:19:49.0509 0x114c [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys 14:19:49.0521 0x114c stornvme - ok 14:19:49.0527 0x114c [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\WINDOWS\system32\storsvc.dll 14:19:49.0537 0x114c StorSvc - ok 14:19:49.0541 0x114c [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 14:19:49.0548 0x114c storvsc - ok 14:19:49.0552 0x114c [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\WINDOWS\system32\svsvc.dll 14:19:49.0570 0x114c svsvc - ok 14:19:49.0575 0x114c [ D53CAB3ADAE01DDF71999042C0FED2D4, 8BCAD34F3C7340452DDB5E204D7AE26BEBAE5322557BFC4DC8EB310723B1AE27 ] SWDUMon C:\WINDOWS\system32\DRIVERS\SWDUMon.sys 14:19:49.0581 0x114c 
SWDUMon - ok 14:19:49.0584 0x114c [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\WINDOWS\System32\drivers\swenum.sys 14:19:49.0591 0x114c swenum - ok 14:19:49.0605 0x114c [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv C:\WINDOWS\System32\swprv.dll 14:19:49.0629 0x114c swprv - ok 14:19:49.0747 0x114c [ 0FE29D81F372CA2DCE9E49736A3BD3E6, 10ED93BEE7ECBD2AF5E7AB0197CC82A5424FD63A2ED90F0417B266AD06E5F32C ] syncagentsrv C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe 14:19:49.0882 0x114c syncagentsrv - ok 14:19:49.0910 0x114c [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain C:\WINDOWS\system32\sysmain.dll 14:19:49.0945 0x114c SysMain - ok 14:19:49.0953 0x114c [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll 14:19:49.0968 0x114c SystemEventsBroker - ok 14:19:49.0975 0x114c [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 14:19:49.0985 0x114c TabletInputService - ok 14:19:49.0993 0x114c [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 14:19:50.0008 0x114c TapiSrv - ok 14:19:50.0051 0x114c [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys 14:19:50.0113 0x114c Tcpip - ok 14:19:50.0162 0x114c [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys 14:19:50.0218 0x114c TCPIP6 - ok 14:19:50.0226 0x114c [ 41CF802064F72E55F50CA0A221FD36D4, 
70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 14:19:50.0240 0x114c tcpipreg - ok 14:19:50.0268 0x114c [ 07330E30921C70E9D9B416EE43A06349, 398500C12E685BCF732C7F80A2C0E95181E5377A0E6C14CF9A3EE8580083A556 ] tdrpman C:\WINDOWS\system32\DRIVERS\tdrpman.sys 14:19:50.0314 0x114c tdrpman - ok 14:19:50.0320 0x114c [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys 14:19:50.0332 0x114c tdx - ok 14:19:50.0337 0x114c [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 14:19:50.0345 0x114c terminpt - ok 14:19:50.0365 0x114c [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService C:\WINDOWS\System32\termsrv.dll 14:19:50.0395 0x114c TermService - ok 14:19:50.0398 0x114c [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\WINDOWS\system32\themeservice.dll 14:19:50.0413 0x114c Themes - ok 14:19:50.0417 0x114c [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\WINDOWS\system32\mmcss.dll 14:19:50.0426 0x114c THREADORDER - ok 14:19:50.0447 0x114c [ DE604462206F7D8C203F767F425FCA8D, 149FBF6367C45415B939A9B1A7A10DA7A5E19F28CE533BCBE2B20DA4B78F8645 ] tib C:\WINDOWS\system32\DRIVERS\tib.sys 14:19:50.0484 0x114c tib - ok 14:19:50.0491 0x114c [ 3C29FB9FC9B4C511AD69DC50257FEC75, 4906DADE076FD363C53044C805602EEA4D0EF6E92041C693E1BED2286614B36E ] tib_mounter C:\WINDOWS\system32\DRIVERS\tib_mounter.sys 14:19:50.0520 0x114c tib_mounter - ok 14:19:50.0529 0x114c [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll 14:19:50.0546 0x114c TimeBroker - ok 
14:19:50.0552 0x114c [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\WINDOWS\system32\drivers\tpm.sys 14:19:50.0563 0x114c TPM - ok 14:19:50.0568 0x114c [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\WINDOWS\System32\trkwks.dll 14:19:50.0580 0x114c TrkWks - ok 14:19:50.0586 0x114c [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt C:\WINDOWS\system32\drivers\truecrypt.sys 14:19:50.0595 0x114c truecrypt - ok 14:19:50.0600 0x114c [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe 14:19:50.0611 0x114c TrustedInstaller - ok 14:19:50.0616 0x114c [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys 14:19:50.0625 0x114c TsUsbFlt - ok 14:19:50.0629 0x114c [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys 14:19:50.0635 0x114c TsUsbGD - ok 14:19:50.0640 0x114c [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys 14:19:50.0652 0x114c tunnel - ok 14:19:50.0657 0x114c [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys 14:19:50.0665 0x114c uagp35 - ok 14:19:50.0670 0x114c [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys 14:19:50.0679 0x114c UASPStor - ok 14:19:50.0686 0x114c [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000 
C:\WINDOWS\System32\drivers\ucx01000.sys 14:19:50.0697 0x114c UCX01000 - ok 14:19:50.0705 0x114c [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys 14:19:50.0724 0x114c udfs - ok 14:19:50.0732 0x114c [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys 14:19:50.0741 0x114c UEFI - ok 14:19:50.0747 0x114c [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe 14:19:50.0759 0x114c UI0Detect - ok 14:19:50.0763 0x114c [ 6E566C1708DDC93ADF9286E9C714B652, AF179BCA9395D51ACDFB5BACE29388E2B4D5587FCAB53898AAA4F4011851B115 ] UimBus C:\WINDOWS\System32\drivers\UimBus.sys 14:19:50.0777 0x114c UimBus - ok 14:19:50.0781 0x114c [ 7DF6A08B0B74C4F9357EFBAE309B87F1, 9A5BB8EA70709519A3599D0818923321AE691CC9EBC1ABC3F5BB008AF18B797B ] Uim_DEVIM C:\WINDOWS\System32\drivers\uim_devim.sys 14:19:50.0793 0x114c Uim_DEVIM - ok 14:19:50.0808 0x114c [ 2DDD63E0948474B91046CF1AB7661189, A91A1F1E646B928C95C30DA4D70220262D3A67C1B66E365C981AA23A401624E9 ] Uim_IM C:\WINDOWS\System32\drivers\uim_im.sys 14:19:50.0838 0x114c Uim_IM - ok 14:19:50.0841 0x114c [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys 14:19:50.0850 0x114c uliagpkx - ok 14:19:50.0853 0x114c [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys 14:19:50.0861 0x114c umbus - ok 14:19:50.0865 0x114c [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys 14:19:50.0872 0x114c UmPass - ok 14:19:50.0880 0x114c [ E3DDF7D43E05784FAA5E042605EEE528, 
8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService C:\WINDOWS\System32\umrdp.dll 14:19:50.0893 0x114c UmRdpService - ok 14:19:50.0903 0x114c [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost C:\WINDOWS\System32\upnphost.dll 14:19:50.0922 0x114c upnphost - ok 14:19:50.0928 0x114c [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 14:19:50.0958 0x114c usbaudio - ok 14:19:50.0964 0x114c [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys 14:19:50.0975 0x114c usbccgp - ok 14:19:50.0980 0x114c [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys 14:19:50.0990 0x114c usbcir - ok 14:19:50.0995 0x114c [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys 14:19:51.0004 0x114c usbehci - ok 14:19:51.0016 0x114c [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys 14:19:51.0034 0x114c usbhub - ok 14:19:51.0047 0x114c [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys 14:19:51.0066 0x114c USBHUB3 - ok 14:19:51.0071 0x114c [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys 14:19:51.0082 0x114c usbohci - ok 14:19:51.0085 0x114c [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 14:19:51.0094 0x114c usbprint - ok 
14:19:51.0101 0x114c [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 14:19:51.0112 0x114c USBSTOR - ok 14:19:51.0115 0x114c [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 14:19:51.0131 0x114c usbuhci - ok 14:19:51.0138 0x114c [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys 14:19:51.0159 0x114c usbvideo - ok 14:19:51.0170 0x114c [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 14:19:51.0185 0x114c USBXHCI - ok 14:19:51.0188 0x114c [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc C:\WINDOWS\system32\lsass.exe 14:19:51.0195 0x114c VaultSvc - ok 14:19:51.0199 0x114c [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 14:19:51.0207 0x114c vdrvroot - ok 14:19:51.0231 0x114c [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds C:\WINDOWS\System32\vds.exe 14:19:51.0266 0x114c vds - ok 14:19:51.0272 0x114c [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 14:19:51.0283 0x114c VerifierExt - ok 14:19:51.0298 0x114c [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 14:19:51.0319 0x114c vhdmp - ok 14:19:51.0323 0x114c [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide 
C:\WINDOWS\system32\drivers\viaide.sys 14:19:51.0330 0x114c viaide - ok 14:19:51.0335 0x114c [ 1AA9C2331234786211A261C8FC69EB25, BC0D3F0A3473A9C3F3A62E706AC639DE643FF9EC2ABFF85BDC32F5C4B492DDD6 ] VMAuthdService C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe 14:19:51.0341 0x114c VMAuthdService - ok 14:19:51.0346 0x114c [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 14:19:51.0358 0x114c vmbus - ok 14:19:51.0367 0x114c [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 14:19:51.0376 0x114c VMBusHID - ok 14:19:51.0380 0x114c [ BE8E5E5D53ACF71D4E8E686B68C99B04, 4F30A360095FCB2627068FA6A65A951688058E8FDDF5CE895E2AE39500A413B1 ] vmci C:\WINDOWS\system32\drivers\vmci.sys 14:19:51.0387 0x114c vmci - ok 14:19:51.0399 0x114c [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll 14:19:51.0416 0x114c vmicguestinterface - ok 14:19:51.0426 0x114c [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll 14:19:51.0447 0x114c vmicheartbeat - ok 14:19:51.0459 0x114c [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll 14:19:51.0475 0x114c vmickvpexchange - ok 14:19:51.0485 0x114c [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll 14:19:51.0501 0x114c vmicrdv - ok 14:19:51.0512 0x114c [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll 14:19:51.0528 0x114c vmicshutdown - ok 14:19:51.0538 0x114c [ 
9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll 14:19:51.0553 0x114c vmictimesync - ok 14:19:51.0564 0x114c [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss C:\WINDOWS\System32\ICSvc.dll 14:19:51.0588 0x114c vmicvss - ok 14:19:51.0591 0x114c [ 18AA5F4A3B1204AD00045EE5AD39BCDB, 0211A8E94F169A2A52CD39CD580293907EBE104E52038DC36B988DE1CA7F2392 ] VMnetAdapter C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys 14:19:51.0596 0x114c VMnetAdapter - ok 14:19:51.0600 0x114c [ 04CD4347CD9E8C40F78AD51F7FF426D0, BCA3E593E118BCA30142B23CD1CBE6905442D31C3DEB4C71B06D721E601F7BD8 ] VMnetBridge C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys 14:19:51.0605 0x114c VMnetBridge - ok 14:19:51.0608 0x114c VMnetDHCP - ok 14:19:51.0610 0x114c [ 0554C979222692C8DB07AF39279EC67D, 02632D9F7F8F9EBEAA79FC169904E370E3213CED840D977CC90AADAD4FBA528D ] VMnetuserif C:\WINDOWS\system32\drivers\vmnetuserif.sys 14:19:51.0616 0x114c VMnetuserif - ok 14:19:51.0620 0x114c [ 3770822B78B9866C36DBE231F8B9FA36, 7E0B3B6808E82A47A06BA5D8326772D36738C1C9FF4438584CDAAC6E6EAA1607 ] vmusb C:\WINDOWS\System32\drivers\vmusb.sys 14:19:51.0626 0x114c vmusb - ok 14:19:51.0643 0x114c [ 41FAE6618768DC93D98DDAF3F8282D3E, 95995542026CC111B8FFAA01AC9E55B2F942A9108F5F00502A35339C13BBF20D ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe 14:19:51.0666 0x114c VMUSBArbService - ok 14:19:51.0670 0x114c VMware NAT Service - ok 14:19:51.0903 0x114c [ B99741CE1B6AD69E2EF6C2450D906F8E, A5C40E1F371600E956721E252B9E962F68071D468CAB65FFA77D03229C4BAD3A ] VMwareHostd C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe 14:19:52.0197 0x114c VMwareHostd - ok 14:19:52.0214 0x114c [ 3459BF60AA9B66E308A3D1656AEFD6C3, 71A43696570ADB551895408C879AEDA4DB8B78E58E4292A8B3B06D91790F6E07 ] vmx86 C:\WINDOWS\system32\drivers\vmx86.sys 14:19:52.0219 
0x114c vmx86 - ok 14:19:52.0224 0x114c [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 14:19:52.0232 0x114c volmgr - ok 14:19:52.0241 0x114c [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 14:19:52.0256 0x114c volmgrx - ok 14:19:52.0266 0x114c [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 14:19:52.0282 0x114c volsnap - ok 14:19:52.0285 0x114c [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 14:19:52.0294 0x114c vpci - ok 14:19:52.0300 0x114c [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 14:19:52.0310 0x114c vsmraid - ok 14:19:52.0314 0x114c [ CB4D2E3C5E8BFA3CF6AFFF6DDC6CC70D, 32A891045AF36FEAC62373894B98ABDCEA437978BDE027169C22EBC2C72D586E ] vsock C:\WINDOWS\system32\drivers\vsock.sys 14:19:52.0319 0x114c vsock - ok 14:19:52.0346 0x114c [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS C:\WINDOWS\system32\vssvc.exe 14:19:52.0385 0x114c VSS - ok 14:19:52.0399 0x114c [ E7CE8988B98202A5CF429CA358D26CC5, 773E38E263D2EB179E8767809ED4B98CDECEA4BD970AAE0BB31FD6D219E5E079 ] vstor2-mntapi20-shared C:\WINDOWS\syswow64\drivers\vstor2-mntapi20-shared.sys 14:19:52.0404 0x114c vstor2-mntapi20-shared - ok 14:19:52.0413 0x114c [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 14:19:52.0425 0x114c VSTXRAID - ok 14:19:52.0436 0x114c [ BE970C369E43B509C1EDA2B8FA7CECB0, 
In queue: 10
14:20:22.0902 0x114c Waiting for KSN requests completion. In queue: 9
14:20:23.0902 0x114c Waiting for KSN requests completion. In queue: 9
14:20:24.0909 0x114c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x61100 ( enabled : updated )
14:20:24.0912 0x114c Win FW state via NFP2: enabled
14:20:37.0634 0x114c ============================================================
14:20:37.0634 0x114c Scan finished
14:20:37.0634 0x114c ============================================================
14:20:37.0640 0x0dc4 Detected object count: 1
14:20:37.0640 0x0dc4 Actual detected object count: 1
14:23:16.0087 0x0dc4 Broadcom Wireless Manager UI ( UnsignedFile.Multi.Generic ) - skipped by user
14:23:16.0087 0x0dc4 Broadcom Wireless Manager UI ( UnsignedFile.Multi.Generic ) - User select action: Skip |
09.12.2014, 01:46 | #7 |
/// the machine /// TB-Ausbilder | adfoc.us opens unwanted websites
How it works: posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your protection software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
09.12.2014, 16:23 | #8 |
| adfoc.us opens unwanted websites
Thanks, I see you worked the night shift. Here are the logs:
mbam
AdwCleaner Logfile: Code:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 8.1 x64
Ran by acer on 09.12.2014 at 10:40:22,14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] "C:\WINDOWS\launcher.exe"
~~~ Folders
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.12.2014 at 10:42:35,15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: Code:
HKLM-x32\...\Run: [Bonus.SSR.FR11] => C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [1364496 2013-06-28] (ABBYY Production LLC) HKLM-x32\...\Run: [DiscWizardMonitor.exe] => "C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe" HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7843744 2014-02-04] (Acronis) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310064 2014-05-28] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [112856 2014-10-29] (VMware, Inc.) Winlogon\Notify\igfxcui: igfxdev.dll [X] HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] ( (Atheros Communications)) HKU\S-1-5-21-1606645829-3171774752-743400600-1002\...\Run: [MyRouter] => C:\Program Files (x86)\MyRouter\MyRouter.exe HKU\S-1-5-21-1606645829-3171774752-743400600-1002\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe HKU\S-1-5-21-1606645829-3171774752-743400600-1012\...\Run: [MyRouter] => C:\Program Files (x86)\MyRouter\MyRouter.exe HKU\S-1-5-21-1606645829-3171774752-743400600-1012\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [184048 2013-11-01] (NVIDIA Corporation) AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-11-01] (NVIDIA Corporation) AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156256 2013-11-01] (NVIDIA Corporation) Startup: 
C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MadAppLauncher.lnk ShortcutTarget: MadAppLauncher.lnk -> C:\Program Files (x86)\MadAppLauncher\MadAppLauncher.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll () ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll () ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKU\S-1-5-21-1606645829-3171774752-743400600-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKU\S-1-5-21-1606645829-3171774752-743400600-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKU\S-1-5-21-1606645829-3171774752-743400600-1012\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
URLSearchHook: HKU\S-1-5-21-1606645829-3171774752-743400600-1002 - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
URLSearchHook: HKU\S-1-5-21-1606645829-3171774752-743400600-1012 - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1606645829-3171774752-743400600-1002 -> {B789B92F-C3B3-4182-89AA-39DD558BB765} URL =
SearchScopes: HKU\S-1-5-21-1606645829-3171774752-743400600-1012 -> {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^XP^xdm018^YYA^th&si=CMDP44jMtr8CFUcpjgodR3MApw&ptb=DA58E806-3D31-4BF0-B6EF-620486E2993E&psa=&ind=2014070816&st=sb&n=780c4820&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-1606645829-3171774752-743400600-1012 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1606645829-3171774752-743400600-1012 -> {B789B92F-C3B3-4182-89AA-39DD558BB765} URL =
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKU\S-1-5-21-1606645829-3171774752-743400600-1002 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Toolbar: HKU\S-1-5-21-1606645829-3171774752-743400600-1012 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Tcpip\Parameters: [DhcpNameServer] 94.249.192.228 8.8.8.8

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-15]
CHR Extension: (Google Docs) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-15]
CHR Extension: (Google Drive) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-16]
CHR Extension: (YouTube) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-15]
CHR Extension: (Google-Suche) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-15]
CHR Extension: (Google Tabellen) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-15]
CHR Extension: (Google Wallet) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-15]
CHR Extension: (Google Mail) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [821048 2013-06-17] (ABBYY InfoPoisk LLC)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
S2 CLKMSVC10_96E434EB; C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\NavFilter\kmsvc.exe [241776 2013-02-04] (CyberLink)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-17] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2013-01-18] (ELAN Microelectronics Corp.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [324424 2014-08-14] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-15] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14407384 2014-10-29] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6074368 2014-04-23] (Broadcom Corporation) [File not signed]
S2 SgtSch2Svc; "C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-25] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-05] (Microsoft Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [104912 2007-11-07] (EZB Systems, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-09] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-01-17] (Synaptics Incorporated)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-12-09] ()
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-07-20] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-07-22] (Acronis International GmbH)
S1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-05-19] ()
S1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-05-19] ()
S1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700296 2014-05-19] ()
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-09 10:49 - 2014-12-09 10:49 - 02166272 _____ () C:\Users\acer\Downloads\adwcleaner_4.105 (1).exe
2014-12-09 10:42 - 2014-12-09 10:42 - 00000743 _____ () C:\Users\acer\Desktop\JRT.txt
2014-12-09 10:40 - 2014-12-09 10:40 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-12-09 10:32 - 2014-12-09 10:33 - 02166272 _____ () C:\Users\acer\Downloads\adwcleaner_4.105.exe
2014-12-09 10:27 - 2014-12-09 10:21 - 00007395 _____ () C:\Users\acer\Desktop\mbam.txt
2014-12-09 09:03 - 2014-12-09 10:37 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-12-09 09:03 - 2014-12-09 09:03 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-09 09:03 - 2014-12-09 09:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-12-09 09:03 - 2014-12-09 09:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-09 09:03 - 2014-12-09 09:03 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-12-09 09:03 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-12-09 09:03 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-12-09 09:03 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-12-09 09:01 - 2014-12-09 09:01 - 01707646 _____ (Thisisu) C:\Users\acer\Downloads\JRT.exe
2014-12-09 08:58 - 2014-12-09 08:59 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\acer\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-08 15:13 - 2014-12-08 15:13 - 00042305 _____ () C:\Users\acer\Desktop\Addition.txt
2014-12-08 15:12 - 2014-12-09 10:51 - 00021074 _____ () C:\Users\acer\Desktop\FRST.txt
2014-12-08 15:12 - 2014-12-09 10:51 - 00000000 ____D () C:\FRST
2014-12-08 15:12 - 2014-12-08 15:11 - 02119680 _____ (Farbar) C:\Users\acer\Desktop\FRST64.exe
2014-12-08 15:11 - 2014-12-08 15:11 - 02119680 _____ (Farbar) C:\Users\acer\Downloads\FRST64.exe
2014-12-08 14:41 - 2014-12-08 14:41 - 00047419 _____ () C:\Users\acer\Desktop\tdsskiller logt.zip
2014-12-08 14:15 - 2014-12-08 14:16 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\acer\Downloads\tdsskiller.exe
2014-12-08 10:21 - 2014-12-08 10:21 - 00000055 _____ () C:\AdwCleanerDebug.txt
2014-12-08 10:18 - 2014-12-08 10:18 - 00000265 _____ () C:\Users\acer\Downloads\XHitXGirl_k_1.1.3.jad
2014-11-29 07:49 - 2014-11-29 07:49 - 00000000 __SHD () C:\Users\acer\AppData\Local\EmieBrowserModeList
2014-11-28 14:51 - 2014-11-28 14:51 - 03488932 _____ () C:\Users\acer\Downloads\User Manual_Acer_1.0_A_A.zip
2014-11-25 18:12 - 2014-11-25 18:12 - 00000000 ____D () C:\Users\acer\AppData\Local\PackageStaging
2014-11-19 17:32 - 2014-11-10 06:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-11-19 17:32 - 2014-11-10 06:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-19 17:32 - 2014-11-10 06:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-11-19 17:32 - 2014-11-10 06:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-11-14 02:16 - 2014-11-14 02:16 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-11-14 02:16 - 2014-10-29 15:01 - 00931032 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetlib64.dll
2014-11-14 02:16 - 2014-10-29 15:01 - 00437976 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe
2014-11-14 02:16 - 2014-10-29 15:01 - 00359128 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe
2014-11-14 02:16 - 2014-10-29 15:01 - 00064728 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmx86.sys
2014-11-14 02:16 - 2014-10-29 15:01 - 00031448 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetuserif.sys
2014-11-14 02:16 - 2014-02-27 18:40 - 00054464 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\hcmon.sys
2014-11-14 02:16 - 2014-02-27 18:40 - 00051904 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmusb.sys
2014-11-14 02:16 - 2013-10-08 18:21 - 00073296 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vsock.sys
2014-11-14 02:16 - 2013-10-08 18:21 - 00067664 _____ (VMware, Inc.) C:\WINDOWS\system32\vsocklib.dll
2014-11-14 02:16 - 2013-10-08 18:21 - 00063568 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vsocklib.dll
2014-11-14 02:15 - 2014-11-14 02:15 - 00000000 ____D () C:\Users\Public\Documents\Shared Virtual Machines
2014-11-12 18:45 - 2014-11-12 18:45 - 00002022 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2014-11-12 18:45 - 2014-11-12 18:45 - 00002012 _____ () C:\Users\Public\Desktop\Samsung Kies.lnk
2014-11-12 18:45 - 2014-11-12 18:45 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-11-12 18:45 - 2014-11-12 18:45 - 00000000 ____D () C:\Users\acer\Documents\samsung
2014-11-12 18:45 - 2014-11-12 18:45 - 00000000 ____D () C:\Users\acer\AppData\Roaming\Samsung
2014-11-12 18:45 - 2014-11-12 18:45 - 00000000 ____D () C:\Users\acer\AppData\Local\Samsung
2014-11-12 18:43 - 2014-11-12 18:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2014-11-12 18:31 - 2014-04-30 19:43 - 04659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll
2014-11-12 18:31 - 2014-04-30 19:43 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2014-11-12 18:30 - 2014-11-12 18:43 - 00000000 ____D () C:\ProgramData\Samsung
2014-11-12 10:04 - 2014-10-10 08:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-12 10:04 - 2014-10-10 08:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-11-12 10:04 - 2014-10-08 14:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-12 10:04 - 2014-10-08 13:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-11-12 10:04 - 2014-10-08 13:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-12 10:04 - 2014-10-08 13:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-11-12 10:04 - 2014-10-08 13:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-12 10:04 - 2014-10-08 12:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-12 10:04 - 2014-09-27 14:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-11-12 10:04 - 2014-09-27 12:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-12 10:04 - 2014-09-27 10:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-12 10:04 - 2014-09-27 10:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-11-12 10:04 - 2014-09-27 10:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-12 10:04 - 2014-09-22 11:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-11-12 10:04 - 2014-09-22 10:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-11-12 10:04 - 2014-09-22 10:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-11-12 10:04 - 2014-09-22 09:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-11-12 10:04 - 2014-09-19 07:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-11-12 10:04 - 2014-09-03 05:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2014-11-12 10:04 - 2014-09-03 05:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2014-11-12 10:03 - 2014-10-31 12:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-12 10:03 - 2014-10-31 10:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-12 10:03 - 2014-10-18 16:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-11-12 10:03 - 2014-10-18 15:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-11-12 10:03 - 2014-10-18 15:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-11-12 10:03 - 2014-10-18 14:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-11-12 10:03 - 2014-10-18 13:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-11-12 10:03 - 2014-10-18 13:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-11-12 10:03 - 2014-10-18 13:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-11-12 10:03 - 2014-10-18 13:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-11-12 10:03 - 2014-10-18 13:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-12 10:03 - 2014-10-18 13:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-11-12 10:03 - 2014-10-18 13:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-11-12 10:03 - 2014-10-18 13:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-11-12 10:03 - 2014-10-18 13:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-11-12 10:03 - 2014-10-18 13:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-11-12 10:03 - 2014-10-18 13:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-11-12 10:03 - 2014-10-18 13:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-11-12 10:03 - 2014-10-17 14:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-12 10:03 - 2014-10-17 13:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-12 10:03 - 2014-10-13 09:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-11-12 10:03 - 2014-10-11 07:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-12 10:03 - 2014-10-11 07:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-12 10:03 - 2014-10-10 08:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-11-12 10:03 - 2014-10-08 14:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-12 10:03 - 2014-10-08 14:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-11-12 10:03 - 2014-10-08 14:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-11-12 10:03 - 2014-10-08 14:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-11-12 10:03 - 2014-10-08 14:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-12 10:03 - 2014-10-08 13:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-12 10:03 - 2014-10-08 13:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-12 10:03 - 2014-10-08 12:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-12 10:03 - 2014-10-08 12:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-12 10:02 - 2014-10-31 12:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-11-12 10:02 - 2014-10-31 12:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-11-12 10:02 - 2014-10-31 12:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-11-12 10:02 - 2014-10-31 12:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-11-12 10:02 - 2014-10-31 12:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-11-12 10:02 - 2014-10-31 12:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-11-12 10:02 - 2014-10-31 12:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-11-12 10:02 - 2014-10-31 12:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-12 10:02 - 2014-10-31 12:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-12 10:02 - 2014-10-31 12:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-12 10:02 - 2014-10-31 12:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-11-12 10:02 - 2014-10-31 12:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-11-12 10:02 - 2014-10-31 11:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-12 10:02 - 2014-10-31 11:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-12 10:02 - 2014-10-31 11:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-11-12 10:02 - 2014-10-31 11:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-11-12 10:02 - 2014-10-31 11:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-11-12 10:02 - 2014-10-31 11:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-12 10:02 - 2014-10-31 11:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-11-12 10:02 - 2014-10-31 11:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-11-12 10:02 - 2014-10-31 11:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-12 10:02 - 2014-10-31 11:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-11-12 10:02 - 2014-10-31 11:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-11-12 10:02 - 2014-10-31 11:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-12 10:02 - 2014-10-31 11:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-12 10:02 - 2014-10-31 11:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-12 10:02 - 2014-10-31 11:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-11-12 10:02 - 2014-10-31 11:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-11-12 10:02 - 2014-10-31 11:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-12 10:02 - 2014-10-31 11:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-12 10:02 - 2014-10-31 11:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-11-12 10:02 - 2014-10-31 11:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-11-12 10:02 - 2014-10-31 11:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-12 10:02 - 2014-10-31 11:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-11-12 10:02 - 2014-10-31 11:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-11-12 10:02 - 2014-10-31 11:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-11-12 10:02 - 2014-10-31 11:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-12 10:02 - 2014-10-31 11:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-12 10:02 - 2014-10-31 11:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-12 10:02 - 2014-10-31 11:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-12 10:02 - 2014-10-31 10:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-12 10:02 - 2014-10-31 10:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-12 10:02 - 2014-10-31 10:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-12 10:02 - 2014-10-31 10:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-11-12 10:02 - 2014-10-31 10:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-12 10:02 - 2014-10-31 10:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-11-12 10:02 - 2014-10-31 10:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-11-12 10:02 - 2014-10-31 10:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-12 10:02 - 2014-10-31 10:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-12 10:02 - 2014-10-31 10:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-12 10:02 - 2014-10-31 10:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-11-12 10:02 - 2014-10-31 10:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-11-12 10:02 - 2014-10-31 10:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-12 10:02 - 2014-10-31 10:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-11-12 10:02 - 2014-10-31 10:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-12 10:02 - 2014-10-31 10:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-11-12 10:02 - 2014-10-31 10:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-11-12 10:02 - 2014-10-31 10:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-12 10:02 - 2014-10-31 10:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-12 10:02 - 2014-10-31 10:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-12 10:02 - 2014-10-31 10:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-12 10:02 - 2014-10-31 10:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-11-12 10:02 - 2014-10-31 10:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2014-11-12 10:02 - 2014-10-31 10:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-12 10:02 - 2014-10-31 10:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-11-12 10:02 - 2014-10-31 10:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-11-12 10:02 - 2014-10-31 10:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2014-11-12 10:02 - 2014-10-31 10:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-12 10:02 - 2014-10-31 09:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 10:02 - 2014-10-31 09:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2014-11-12 10:02 - 2014-10-31 09:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-12 10:02 - 2014-10-31 09:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2014-11-12 10:02 - 2014-10-31 09:53 - 00168960 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\msrating.dll 2014-11-12 10:02 - 2014-10-31 09:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll 2014-11-12 10:02 - 2014-10-31 09:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-11-12 10:02 - 2014-10-31 09:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2014-11-12 10:02 - 2014-10-31 09:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-11-12 10:02 - 2014-10-31 09:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll 2014-11-12 10:02 - 2014-10-31 09:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-11-12 10:02 - 2014-10-31 09:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2014-11-12 10:02 - 2014-10-31 09:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2014-11-12 10:02 - 2014-10-31 09:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-11-12 10:02 - 2014-10-31 09:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-11-12 10:02 - 2014-10-31 09:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-11-12 10:02 - 2014-10-31 09:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-11-12 10:02 - 2014-10-31 09:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-11-12 10:02 - 2014-10-31 09:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll 2014-11-12 10:02 - 2014-10-31 09:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-11-12 10:02 - 2014-10-31 09:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-11-12 10:02 - 2014-10-31 09:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-11-12 10:01 - 2014-10-23 12:48 - 00081408 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\packager.dll 2014-11-12 10:01 - 2014-10-23 12:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll 2014-11-12 10:01 - 2014-10-07 13:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2014-11-12 10:01 - 2014-10-07 13:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2014-11-12 10:01 - 2014-10-07 13:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2014-11-12 10:01 - 2014-10-07 13:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2014-11-12 10:01 - 2014-10-07 13:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll 2014-11-12 10:01 - 2014-10-07 10:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2014-11-12 10:01 - 2014-10-07 10:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2014-11-12 10:01 - 2014-10-07 10:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2014-11-12 10:01 - 2014-10-07 10:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-11-12 10:01 - 2014-10-07 08:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2014-11-12 10:01 - 2014-10-07 08:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2014-11-12 10:01 - 2014-09-10 13:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2014-11-12 10:01 - 2014-09-08 10:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-11-12 10:01 - 2014-09-08 10:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2014-11-12 10:01 - 2014-09-08 05:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2014-11-12 10:01 - 2014-09-05 05:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2014-11-12 10:01 - 2014-09-05 05:21 - 01053184 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\localspl.dll 2014-11-12 10:01 - 2014-09-04 10:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2014-11-12 10:01 - 2014-09-04 09:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2014-11-12 10:01 - 2014-09-04 08:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2014-11-12 10:01 - 2014-09-04 07:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2014-11-12 10:01 - 2014-08-31 07:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2014-11-12 10:01 - 2014-08-31 07:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2014-11-12 10:01 - 2014-08-31 05:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-11-12 10:01 - 2014-08-31 05:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll 2014-11-12 10:01 - 2014-08-31 04:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll 2014-11-12 10:01 - 2014-08-31 04:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2014-11-12 10:01 - 2014-08-31 03:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll 2014-11-12 10:01 - 2014-08-31 03:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2014-11-12 10:01 - 2014-08-28 09:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2014-11-12 10:01 - 2014-08-28 07:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2014-11-12 10:01 - 2014-08-28 07:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2014-11-12 10:01 - 2014-08-23 12:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2014-11-12 10:01 - 2014-08-23 12:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-11-12 10:01 - 2014-08-23 12:04 - 11820544 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\twinui.dll 2014-11-12 10:01 - 2014-08-23 12:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2014-11-12 10:01 - 2014-08-23 11:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2014-11-12 10:01 - 2014-08-02 07:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2014-11-12 10:01 - 2014-08-02 07:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-09 10:46 - 2013-07-31 17:26 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1606645829-3171774752-743400600-1002 2014-12-09 10:41 - 2013-10-18 11:57 - 00000000 ___DO () C:\Users\acer\SkyDrive 2014-12-09 10:41 - 2013-09-30 11:14 - 01785036 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-12-09 10:41 - 2013-09-30 10:56 - 00768266 _____ () C:\WINDOWS\system32\perfh007.dat 2014-12-09 10:41 - 2013-09-30 10:56 - 00160576 _____ () C:\WINDOWS\system32\perfc007.dat 2014-12-09 10:37 - 2014-09-15 15:58 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-12-09 10:37 - 2013-08-11 15:01 - 00016152 _____ () C:\WINDOWS\system32\Drivers\SWDUMon.sys 2014-12-09 10:37 - 2013-08-11 15:01 - 00000422 _____ () C:\WINDOWS\Tasks\SlimDrivers Startup.job 2014-12-09 10:36 - 2013-08-22 21:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-12-09 10:36 - 2013-08-10 05:22 - 00000575 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics 2014-12-09 10:36 - 2013-07-31 17:46 - 00000000 ____D () C:\ProgramData\VMware 2014-12-09 10:35 - 2013-09-30 02:04 - 00222980 _____ () C:\WINDOWS\PFRO.log 2014-12-09 10:35 - 2013-08-28 00:21 - 00000000 ____D () C:\AdwCleaner 2014-12-09 10:35 - 2013-08-22 20:25 - 22544384 ___SH () C:\WINDOWS\system32\config\BBI 2014-12-09 10:13 - 2014-09-15 15:58 - 00001132 _____ () 
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-12-09 10:02 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-12-09 09:54 - 2014-02-10 14:58 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-12-09 09:12 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\Web 2014-12-09 09:00 - 2013-10-18 14:04 - 00000000 ____D () C:\Users\acer\AppData\Local\VMware 2014-12-09 08:59 - 2013-10-18 14:04 - 00000000 ____D () C:\Users\acer\AppData\Roaming\VMware 2014-12-09 08:50 - 2013-10-18 13:21 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{64060840-E01C-4C8F-B485-FCD2F005B6D1} 2014-12-08 22:59 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp 2014-12-08 17:38 - 2013-10-18 10:57 - 01996610 _____ () C:\WINDOWS\WindowsUpdate.log 2014-12-08 17:15 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-12-08 13:50 - 2013-11-21 10:33 - 00000000 ____D () C:\Users\acer\Documents\FinePrint-Dateien 2014-12-08 13:08 - 2013-09-16 03:12 - 00000000 ____D () C:\DANGER keygens 2014-12-08 11:39 - 2014-10-08 14:08 - 00723456 ___SH () C:\Users\acer\Desktop\Thumbs.db 2014-12-08 08:12 - 2013-08-10 05:36 - 00000000 ____D () C:\Users\acer\AppData\Roaming\MyPhoneExplorer 2014-12-03 20:13 - 2014-07-17 19:41 - 00003848 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1379176262 2014-12-03 20:13 - 2013-09-14 23:31 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2014-12-03 20:13 - 2013-09-14 23:31 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-12-03 16:56 - 2013-07-31 21:07 - 00000000 ____D () C:\Users\acer\AppData\Local\Packages 2014-11-28 16:28 - 2013-08-22 21:46 - 00356175 _____ () C:\WINDOWS\setupact.log 2014-11-28 01:18 - 2013-08-22 22:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-11-28 01:18 - 2013-08-22 22:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel 2014-11-27 13:53 - 2012-07-26 14:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-11-26 02:54 - 
2014-02-10 14:58 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-11-21 03:51 - 2013-08-22 22:38 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-11-21 03:51 - 2013-08-22 22:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-14 23:08 - 2014-09-15 15:58 - 00004104 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2014-11-14 23:08 - 2014-09-15 15:58 - 00003868 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2014-11-14 22:12 - 2013-08-11 04:52 - 00000000 ____D () C:\temp 2014-11-14 02:16 - 2013-07-31 17:46 - 01806364 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2014-11-14 02:15 - 2013-08-01 17:16 - 00000000 ____D () C:\Program Files (x86)\VMware 2014-11-14 02:07 - 2013-07-31 17:41 - 00000000 ____D () C:\winkmd 2014-11-13 05:12 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-11-12 22:38 - 2013-10-18 10:54 - 00000000 ____D () C:\Users\acer 2014-11-12 22:31 - 2013-08-22 21:44 - 00388504 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-11-12 22:29 - 2013-08-22 22:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-11-12 22:29 - 2013-08-22 22:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-11-12 22:29 - 2013-08-22 22:36 - 00000000 ____D () C:\Program Files\Windows Defender 2014-11-12 22:29 - 2013-08-22 22:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-11-12 18:43 - 2013-08-11 00:35 - 00000000 ____D () C:\Program Files (x86)\Samsung 2014-11-12 18:31 - 2013-08-11 17:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG 2014-11-12 18:31 - 2013-04-18 17:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-11-12 18:30 - 2014-07-18 10:55 - 00000000 ____D () C:\Users\acer\AppData\Local\Downloaded 
Installations
2014-11-12 17:01 - 2013-08-12 03:54 - 00000000 ____D () C:\Users\acer\AppData\Roaming\vlc
2014-11-12 13:11 - 2013-08-04 22:22 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-12 13:09 - 2013-08-01 23:55 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-09 17:58 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\system32\NDF

Some content of TEMP:
====================
C:\Users\acer\AppData\Local\Temp\Quarantine.exe
C:\Users\acer\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-09 09:39

==================== End Of Log ============================

--- --- --- --- --- --- --- --- ---

Regards, honky

After these measures, Adfoc.us is still being opened. A Malwarebytes message appears: malicious website blocked, domain d9ae99824.se, IP 5.150.195.167, port 50524, type outbound, process: ..... chrome. I clicked "exclude website", and then: domain adrotator.se, IP 80.252.188.228, port 50933. Unfortunately the message disappeared before I could click exclude. After Malwarebytes pointed to chrome.exe, I uninstalled and reinstalled Chrome. Since then (about an hour) the adfoc.us website has not reappeared. |
10.12.2014, 13:37 | #9 |
/// the machine /// TB trainer | adfoc.us opens unwanted websites https://support.google.com/chrome/answer/3296214?hl=de ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems left?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
11.12.2014, 04:28 | #10 |
| adfoc.us opens unwanted websites

Hello Schrauber, since uninstalling and reinstalling Chrome the problem has not reappeared. In the meantime there was a Malwarebytes alert that an unwanted website from ...windows/syswow64/vmnat.exe was blocked. I ran ESET and Security Check. Regards, Honky

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=e569c17799d3634599d02b5d9013e1c1
# engine=21497
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-11 03:02:43
# local_time=2014-12-11 10:02:43 (+0700, Südostasiatische Normalzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 8571282 0 0
# scanned=287045
# found=7
# cleaned=7
# scan_time=2836
sh=5BD094552F2285D28370E80E1A4C108D3BC9FF4C ft=1 fh=a0903d7c030c62d3 vn="Win32/DownWare.N evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\acer\AppData\Local\DownloadGuide\Offers\addlyrics.exe.vir"
sh=BC3FA2DCDDD091098D7558A2D635CEF5F1CDC155 ft=1 fh=913ecbdb09133521 vn="Win32/Packed.ScrambleWrapper.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\acer\AppData\Local\DownloadGuide\Offers\plushd.exe.vir"
sh=E68352C426032E609857B260151BD2B9C15D1693 ft=1 fh=4c32c5efa928c605 vn="Variante von Win32/Toolbar.MyWebSearch.V evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\acer\AppData\LocalLow\TelevisionFanaticEI\Installr\Cache\1A74BBC3.exe.vir"
sh=D829593C57E930AD275B0A3ED55FAAE9B7A9ACB8 ft=1 fh=73e94708d38ba8ba vn="Mehrere Bedrohungen (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\DANGER keygens\Janus_4.1\InstallJanus4P1.exe"
sh=CF174F2EE92F1F77476E79BDC6C0823ED2CA698C ft=1 fh=f736153680ee5586 vn="Mehrere Bedrohungen (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\DANGER keygens\Janus_4.1\Janus4.exe"
sh=DEB9F64ABBF9425B70217747FEED6D2CF8BD9B6D ft=1 fh=a8b5d0d60197659c vn="Variante von MSIL/DownloadGuide.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\acer\Downloads\DLG_free-driver-scout_chip_de-DE.exe"
sh=EAE2784C9115FE9CFA44A116B74E72C1BCCFA7F6 ft=1 fh=2e79e77116fe19c4 vn="Win32/DownWare.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\acer\Downloads\MyPhoneExplorer_Setup_1.8.5.exe"

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Results of screen317's Security Check version 0.99.91
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Wise Registry Cleaner 7.87
Adobe Flash Player 15.0.0.246
Google Chrome (39.0.2171.71)
Google Chrome (39.0.2171.95)
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2014 02 Ran by acer (administrator) on ACER32 on 11-12-2014 10:25:21 Running from C:\Users\acer\Desktop Loaded Profiles: acer & Acer_2 & UpdatusUser & Gast (Available profiles: acer & Acer_2 & UpdatusUser & Gast) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE (ABBYY InfoPoisk LLC) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Realsil Microelectronics Inc.) 
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMMsg.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (CANON INC.) 
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE () C:\Program Files (x86)\MadAppLauncher\MadAppLauncher.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (Ghisler Software GmbH) C:\winkmd\TOTALCMD64.EXE (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (TrueCrypt Foundation) C:\Program Files\TrueCrypt\TrueCrypt.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware.exe (VMware, Inc.) 
C:\Program Files (x86)\VMware\VMware Workstation\vmware-unity-helper.exe (Microsoft) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.5.1411.701_x86__8wekyb3d8bbwe\Solitaire.exe () C:\Program Files\WindowsApps\38142TheBlueIT.Clocktime_1.0.0.3_neutral__rhdz0f81yfett\Clocktime.exe (Microsoft Corporation) C:\Windows\WinStore\WSHost.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\x64\vmware-vmx.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.10.106\SSScheduler.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\x64\vmware-vmx.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vprintproxy.exe (VMware, Inc.) 
C:\Program Files (x86)\VMware\VMware Workstation\x64\vmware-vmx.exe (Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876304 2013-01-18] (ELAN Microelectronics Corp.) HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [10592256 2014-04-23] (Broadcom Corporation) HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-26] (CANON INC.) HKLM\...\Run: [pdfFactory Pro Dispatcher v3] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\fppdis3a.exe [754688 2009-12-15] (FinePrint Software, LLC) HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [453448 2014-08-14] () HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe" HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe" HKLM\...\Run: [Seagate Scheduler2 Service] => "C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe" HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis) HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1213848 2010-09-14] (CANON INC.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2010-09-09] (CANON INC.) 
HKLM-x32\...\Run: [Bonus.SSR.FR11] => C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [1364496 2013-06-28] (ABBYY Production LLC) HKLM-x32\...\Run: [DiscWizardMonitor.exe] => "C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe" HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7843744 2014-02-04] (Acronis) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310064 2014-05-28] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [112856 2014-10-29] (VMware, Inc.) Winlogon\Notify\igfxcui: igfxdev.dll [X] HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] ( (Atheros Communications)) HKU\S-1-5-21-1606645829-3171774752-743400600-1002\...\Run: [MyRouter] => C:\Program Files (x86)\MyRouter\MyRouter.exe HKU\S-1-5-21-1606645829-3171774752-743400600-1002\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe HKU\S-1-5-21-1606645829-3171774752-743400600-1010\...\Run: [MyRouter] => C:\Program Files (x86)\MyRouter\MyRouter.exe HKU\S-1-5-21-1606645829-3171774752-743400600-1010\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe HKU\S-1-5-21-1606645829-3171774752-743400600-1012\...\Run: [MyRouter] => C:\Program Files (x86)\MyRouter\MyRouter.exe HKU\S-1-5-21-1606645829-3171774752-743400600-1012\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe HKU\S-1-5-21-1606645829-3171774752-743400600-501\...\Run: [MyRouter] => C:\Program Files (x86)\MyRouter\MyRouter.exe 
HKU\S-1-5-21-1606645829-3171774752-743400600-501\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [184048 2013-11-01] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-11-01] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156256 2013-11-01] (NVIDIA Corporation)
Startup: C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MadAppLauncher.lnk
ShortcutTarget: MadAppLauncher.lnk -> C:\Program Files (x86)\MadAppLauncher\MadAppLauncher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.10.106\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1606645829-3171774752-743400600-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKU\S-1-5-21-1606645829-3171774752-743400600-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKU\S-1-5-21-1606645829-3171774752-743400600-1010\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKU\S-1-5-21-1606645829-3171774752-743400600-1010\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKU\S-1-5-21-1606645829-3171774752-743400600-1012\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKU\S-1-5-21-1606645829-3171774752-743400600-501\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKU\S-1-5-21-1606645829-3171774752-743400600-501\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
URLSearchHook: HKU\S-1-5-21-1606645829-3171774752-743400600-1002 - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
URLSearchHook: HKU\S-1-5-21-1606645829-3171774752-743400600-1010 - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
URLSearchHook: HKU\S-1-5-21-1606645829-3171774752-743400600-1012 - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
URLSearchHook: HKU\S-1-5-21-1606645829-3171774752-743400600-501 - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1606645829-3171774752-743400600-1002 -> {B789B92F-C3B3-4182-89AA-39DD558BB765} URL =
SearchScopes: HKU\S-1-5-21-1606645829-3171774752-743400600-1010 -> {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^XP^xdm018^YYA^th&si=CMDP44jMtr8CFUcpjgodR3MApw&ptb=DA58E806-3D31-4BF0-B6EF-620486E2993E&psa=&ind=2014070816&st=sb&n=780c4820&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-1606645829-3171774752-743400600-1010 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1606645829-3171774752-743400600-1010 -> {B789B92F-C3B3-4182-89AA-39DD558BB765} URL =
SearchScopes: HKU\S-1-5-21-1606645829-3171774752-743400600-1012 -> {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^XP^xdm018^YYA^th&si=CMDP44jMtr8CFUcpjgodR3MApw&ptb=DA58E806-3D31-4BF0-B6EF-620486E2993E&psa=&ind=2014070816&st=sb&n=780c4820&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-1606645829-3171774752-743400600-1012 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1606645829-3171774752-743400600-1012 -> {B789B92F-C3B3-4182-89AA-39DD558BB765} URL =
SearchScopes: HKU\S-1-5-21-1606645829-3171774752-743400600-501 -> {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^XP^xdm018^YYA^th&si=CMDP44jMtr8CFUcpjgodR3MApw&ptb=DA58E806-3D31-4BF0-B6EF-620486E2993E&psa=&ind=2014070816&st=sb&n=780c4820&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-1606645829-3171774752-743400600-501 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1606645829-3171774752-743400600-501 -> {B789B92F-C3B3-4182-89AA-39DD558BB765} URL =
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.10.106\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKU\S-1-5-21-1606645829-3171774752-743400600-1002 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Toolbar: HKU\S-1-5-21-1606645829-3171774752-743400600-1010 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Toolbar: HKU\S-1-5-21-1606645829-3171774752-743400600-1012 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Toolbar: HKU\S-1-5-21-1606645829-3171774752-743400600-501 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Tcpip\Parameters: [DhcpNameServer] 94.249.192.228 8.8.8.8

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-09]
CHR Extension: (Google Docs) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-09]
CHR Extension: (Google Drive) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-09]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-09]
CHR Extension: (YouTube) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-09]
CHR Extension: (Google-Suche) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-09]
CHR Extension: (Google Tabellen) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-09]
CHR Extension: (Google Wallet) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-09]
CHR Extension: (Google Mail) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-09]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [821048 2013-06-17] (ABBYY InfoPoisk LLC)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
S2 CLKMSVC10_96E434EB; C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\NavFilter\kmsvc.exe [241776 2013-02-04] (CyberLink)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-17] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2013-01-18] (ELAN Microelectronics Corp.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [324424 2014-08-14] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-15] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.10.106\McCHSvc.exe [289256 2014-11-04] (McAfee, Inc.)
S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14407384 2014-10-29] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6074368 2014-04-23] (Broadcom Corporation) [File not signed]
S2 SgtSch2Svc; "C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-25] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-05] (Microsoft Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [104912 2007-11-07] (EZB Systems, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-11] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-01-17] (Synaptics Incorporated)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-12-09] ()
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-07-20] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-07-22] (Acronis International GmbH)
S1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-05-19] ()
S1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-05-19] ()
S1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700296 2014-05-19] ()
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-11 10:22 - 2014-12-10 20:02 - 00852490 _____ () C:\Users\acer\Desktop\SecurityCheck.exe
2014-12-11 10:18 - 2014-12-11 10:02 - 00002357 _____ () C:\Users\acer\Desktop\schrauber.txt
2014-12-11 09:08 - 2014-12-10 20:02 - 02347384 _____ (ESET) C:\Users\acer\Desktop\esetsmartinstaller_deu.exe
2014-12-10 20:02 - 2014-12-10 20:02 - 00852490 _____ () C:\Users\acer\Downloads\SecurityCheck.exe
2014-12-10 20:01 - 2014-12-10 20:02 - 02347384 _____ (ESET) C:\Users\acer\Downloads\esetsmartinstaller_deu.exe
2014-12-10 10:05 - 2014-12-10 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-12-10 10:05 - 2014-12-10 10:05 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-12-09 21:40 - 2014-12-10 17:42 - 00002199 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-09 21:40 - 2014-12-09 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-09 21:36 - 2014-12-11 09:41 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-09 21:36 - 2014-12-10 21:41 - 00001116 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-09 21:36 - 2014-12-09 21:36 - 00004092 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-09 21:36 - 2014-12-09 21:36 - 00003856 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-09 21:35 - 2014-12-09 21:36 - 00000000 ____D () C:\Users\acer\AppData\Local\Deployment
2014-12-09 21:35 - 2014-12-09 21:35 - 00000000 ____D () C:\Users\acer\AppData\Local\Apps\2.0
2014-12-09 14:03 - 2014-12-09 14:03 - 00000370 _____ () C:\WINDOWS\system32\screensaver1.scr.xml
2014-12-09 14:03 - 2007-08-18 05:36 - 00098304 _____ (Hewlett-Packard) C:\WINDOWS\system32\screensaver1.scr
2014-12-09 14:03 - 2007-06-29 23:35 - 00032768 _____ ( ) C:\WINDOWS\system32\Interop.ShockwaveFlashObjects.dll
2014-12-09 14:03 - 2007-06-29 23:35 - 00028672 _____ () C:\WINDOWS\system32\AxInterop.ShockwaveFlashObjects.dll
2014-12-09 13:48 - 2014-12-09 14:03 - 00000000 ____D () C:\Program Files (x86)\WG Screensaver Creator 1.0
2014-12-09 13:48 - 2014-12-09 13:48 - 00003089 _____ () C:\Users\acer\Desktop\WG Screensaver Creator.lnk
2014-12-09 13:48 - 2014-12-09 13:48 - 00003049 _____ () C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WG Screensaver Creator.lnk
2014-12-09 13:46 - 2014-12-09 13:46 - 05530112 _____ () C:\Users\acer\Downloads\wg_screensaver_creator_1.0.msi
2014-12-09 10:49 - 2014-12-09 10:49 - 02166272 _____ () C:\Users\acer\Downloads\adwcleaner_4.105 (1).exe
2014-12-09 10:42 - 2014-12-09 10:42 - 00000743 _____ () C:\Users\acer\Desktop\JRT.txt
2014-12-09 10:40 - 2014-12-09 10:40 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-12-09 10:32 - 2014-12-09 10:33 - 02166272 _____ () C:\Users\acer\Downloads\adwcleaner_4.105.exe
2014-12-09 10:27 - 2014-12-09 10:21 - 00007395 _____ () C:\Users\acer\Desktop\mbam.txt
2014-12-09 09:03 - 2014-12-11 07:22 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-12-09 09:03 - 2014-12-09 09:03 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-09 09:03 - 2014-12-09 09:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-12-09 09:03 - 2014-12-09 09:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-09 09:03 - 2014-12-09 09:03 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-12-09 09:03 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-12-09 09:03 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-12-09 09:03 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-12-09 09:01 - 2014-12-09 09:01 - 01707646 _____ (Thisisu) C:\Users\acer\Downloads\JRT.exe
2014-12-09 08:58 - 2014-12-09 08:59 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\acer\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-08 15:13 - 2014-12-08 15:13 - 00042305 _____ () C:\Users\acer\Desktop\Addition.txt
2014-12-08 15:12 - 2014-12-11 10:25 - 00025710 _____ () C:\Users\acer\Desktop\FRST.txt
2014-12-08 15:12 - 2014-12-11 10:25 - 00000000 ____D () C:\FRST
2014-12-08 15:12 - 2014-12-08 15:11 - 02119680 _____ (Farbar) C:\Users\acer\Desktop\FRST64.exe
2014-12-08 15:11 - 2014-12-08 15:11 - 02119680 _____ (Farbar) C:\Users\acer\Downloads\FRST64.exe
2014-12-08 14:41 - 2014-12-08 14:41 - 00047419 _____ () C:\Users\acer\Desktop\tdsskiller logt.zip
2014-12-08 14:15 - 2014-12-08 14:16 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\acer\Downloads\tdsskiller.exe
2014-12-08 10:21 - 2014-12-08 10:21 - 00000055 _____ () C:\AdwCleanerDebug.txt
2014-12-08 10:18 - 2014-12-08 10:18 - 00000265 _____ () C:\Users\acer\Downloads\XHitXGirl_k_1.1.3.jad
2014-11-29 07:49 - 2014-11-29 07:49 - 00000000 __SHD () C:\Users\acer\AppData\Local\EmieBrowserModeList
2014-11-28 14:51 - 2014-11-28 14:51 - 03488932 _____ () C:\Users\acer\Downloads\User Manual_Acer_1.0_A_A.zip
2014-11-25 18:12 - 2014-11-25 18:12 - 00000000 ____D () C:\Users\acer\AppData\Local\PackageStaging
2014-11-19 17:32 - 2014-11-10 06:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-11-19 17:32 - 2014-11-10 06:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-19 17:32 - 2014-11-10 06:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-11-19 17:32 - 2014-11-10 06:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-11-14 02:16 - 2014-11-14 02:16 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-11-14 02:16 - 2014-10-29 15:01 - 00931032 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetlib64.dll
2014-11-14 02:16 - 2014-10-29 15:01 - 00437976 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe
2014-11-14 02:16 - 2014-10-29 15:01 - 00359128 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe
2014-11-14 02:16 - 2014-10-29 15:01 - 00064728 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmx86.sys
2014-11-14 02:16 - 2014-10-29 15:01 - 00031448 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetuserif.sys
2014-11-14 02:16 - 2014-02-27 18:40 - 00054464 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\hcmon.sys
2014-11-14 02:16 - 2014-02-27 18:40 - 00051904 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmusb.sys
2014-11-14 02:16 - 2013-10-08 18:21 - 00073296 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vsock.sys
2014-11-14 02:16 - 2013-10-08 18:21 - 00067664 _____ (VMware, Inc.) C:\WINDOWS\system32\vsocklib.dll
2014-11-14 02:16 - 2013-10-08 18:21 - 00063568 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vsocklib.dll
2014-11-14 02:15 - 2014-11-14 02:15 - 00000000 ____D () C:\Users\Public\Documents\Shared Virtual Machines
2014-11-12 18:45 - 2014-11-12 18:45 - 00002022 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2014-11-12 18:45 - 2014-11-12 18:45 - 00002012 _____ () C:\Users\Public\Desktop\Samsung Kies.lnk
2014-11-12 18:45 - 2014-11-12 18:45 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-11-12 18:45 - 2014-11-12 18:45 - 00000000 ____D () C:\Users\acer\Documents\samsung
2014-11-12 18:45 - 2014-11-12 18:45 - 00000000 ____D () C:\Users\acer\AppData\Roaming\Samsung
2014-11-12 18:45 - 2014-11-12 18:45 - 00000000 ____D () C:\Users\acer\AppData\Local\Samsung
2014-11-12 18:43 - 2014-11-12 18:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2014-11-12 18:31 - 2014-04-30 19:43 - 04659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll
2014-11-12 18:31 - 2014-04-30 19:43 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2014-11-12 18:30 - 2014-11-12 18:43 - 00000000 ____D () C:\ProgramData\Samsung
2014-11-12 10:04 - 2014-10-10 08:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-12 10:04 - 2014-10-10 08:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-11-12 10:04 - 2014-10-08 14:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-12 10:04 - 2014-10-08 13:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-11-12 10:04 - 2014-10-08 13:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-12 10:04 - 2014-10-08 13:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-11-12 10:04 - 2014-10-08 13:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-12 10:04 - 2014-10-08 12:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-12 10:04 - 2014-09-27 14:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-11-12 10:04 - 2014-09-27 12:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-12 10:04 - 2014-09-27 10:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-12 10:04 - 2014-09-27 10:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-11-12 10:04 - 2014-09-27 10:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-12 10:04 - 2014-09-22 11:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-11-12 10:04 - 2014-09-22 10:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-11-12 10:04 - 2014-09-22 10:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-11-12 10:04 - 2014-09-22 09:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-11-12 10:04 - 2014-09-19 07:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-11-12 10:04 - 2014-09-03 05:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2014-11-12 10:04 - 2014-09-03 05:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2014-11-12 10:03 - 2014-10-31 12:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-12 10:03 - 2014-10-31 10:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-12 10:03 - 2014-10-18 16:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-11-12 10:03 - 2014-10-18 15:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-11-12 10:03 - 2014-10-18 15:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-11-12 10:03 - 2014-10-18 14:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-11-12 10:03 - 2014-10-18 13:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-11-12 10:03 - 2014-10-18 13:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-11-12 10:03 - 2014-10-18 13:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-11-12 10:03 - 2014-10-18 13:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-11-12 10:03 - 2014-10-18 13:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-12 10:03 - 2014-10-18 13:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-11-12 10:03 - 2014-10-18 13:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-11-12 10:03 - 2014-10-18 13:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-11-12 10:03 - 2014-10-18 13:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-11-12 10:03 - 2014-10-18 13:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-11-12 10:03 - 2014-10-18 13:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-11-12 10:03 - 2014-10-18 13:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-11-12 10:03 - 2014-10-17 14:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-12 10:03 - 2014-10-17 13:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-12 10:03 - 2014-10-13 09:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-11-12 10:03 - 2014-10-11 07:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-12 10:03 - 2014-10-11 07:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-12 10:03 - 2014-10-10 08:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-11-12 10:03 - 2014-10-08 14:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-12 10:03 - 2014-10-08 14:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-11-12 10:03 - 2014-10-08 14:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-11-12 10:03 - 2014-10-08 14:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-11-12 10:03 - 2014-10-08 14:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-12 10:03 - 2014-10-08 13:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-12 10:03 - 2014-10-08 13:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-12 10:03 - 2014-10-08 12:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-12 10:03 - 2014-10-08 12:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-12 10:02 - 2014-10-31 12:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-11-12 10:02 - 2014-10-31 12:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-11-12 10:02 - 2014-10-31 12:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-11-12 10:02 - 2014-10-31 12:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-11-12 10:02 - 2014-10-31 12:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-11-12 10:02 - 2014-10-31 12:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-11-12 10:02 - 2014-10-31 12:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-11-12 10:02 - 2014-10-31 12:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-12 10:02 - 2014-10-31 12:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-12 10:02 - 2014-10-31 12:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-12 10:02 - 2014-10-31 12:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-11-12 10:02 - 2014-10-31 12:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-11-12 10:02 - 2014-10-31 11:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-12 10:02 - 2014-10-31 11:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-12 10:02 - 2014-10-31 11:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-11-12 10:02 - 2014-10-31 11:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-11-12 10:02 - 2014-10-31 11:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-11-12 10:02 - 2014-10-31 11:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-12 10:02 - 2014-10-31 11:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-11-12 10:02 - 2014-10-31 11:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-11-12 10:02 - 2014-10-31 11:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-12 10:02 - 2014-10-31 11:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-11-12 10:02 - 2014-10-31 11:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-11-12 10:02 - 2014-10-31 11:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-12 10:02 - 2014-10-31 11:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-12 10:02 - 2014-10-31 11:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-12 10:02 - 2014-10-31 11:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-11-12 10:02 - 2014-10-31 11:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-11-12 10:02 - 2014-10-31 11:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-12 10:02 - 2014-10-31 11:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-12 10:02 - 2014-10-31 11:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-11-12 10:02 - 2014-10-31 11:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-11-12 10:02 - 2014-10-31 11:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-12 10:02 - 2014-10-31 11:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-11-12 10:02 - 2014-10-31 11:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-11-12 10:02 - 2014-10-31 11:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-11-12 10:02 - 2014-10-31 11:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-12 10:02 - 2014-10-31 11:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-12 10:02 - 2014-10-31 11:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-12 10:02 - 2014-10-31 11:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-12 10:02 - 2014-10-31 10:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-12 10:02 - 2014-10-31 10:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-12 10:02 - 2014-10-31 10:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-12 10:02 - 2014-10-31 10:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-11-12 10:02 - 2014-10-31 10:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-12 10:02 - 2014-10-31 10:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-11-12 10:02 - 2014-10-31 10:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-11-12 10:02 - 2014-10-31 10:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-12 10:02 - 2014-10-31 10:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-12 10:02 - 2014-10-31 10:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-12 10:02 - 2014-10-31 10:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-11-12 10:02 - 2014-10-31 10:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-11-12 10:02 - 2014-10-31 10:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-12 10:02 - 2014-10-31 10:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-11-12 10:02 - 2014-10-31 10:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-12 10:02 - 2014-10-31 10:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-11-12 10:02 - 2014-10-31 10:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-11-12 10:02 - 2014-10-31 10:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-12 10:02 - 2014-10-31 10:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-12 10:02 - 2014-10-31 10:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-12 10:02 - 2014-10-31 10:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-12 10:02 - 2014-10-31 10:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-11-12 10:02 - 2014-10-31 10:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2014-11-12 10:02 - 2014-10-31 10:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-12 10:02 - 2014-10-31 10:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-11-12 10:02 - 2014-10-31 10:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-11-12 10:02 - 2014-10-31 10:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2014-11-12 10:02 - 2014-10-31 10:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-12 10:02 - 2014-10-31 09:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 10:02 - 2014-10-31 09:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2014-11-12 10:02 - 2014-10-31 09:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-12 10:02 - 2014-10-31 09:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2014-11-12 10:02 - 2014-10-31 09:53 - 00168960 _____ (Microsoft Corporation)
C:\WINDOWS\SysWOW64\msrating.dll 2014-11-12 10:02 - 2014-10-31 09:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll 2014-11-12 10:02 - 2014-10-31 09:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-11-12 10:02 - 2014-10-31 09:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2014-11-12 10:02 - 2014-10-31 09:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-11-12 10:02 - 2014-10-31 09:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll 2014-11-12 10:02 - 2014-10-31 09:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-11-12 10:02 - 2014-10-31 09:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2014-11-12 10:02 - 2014-10-31 09:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2014-11-12 10:02 - 2014-10-31 09:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-11-12 10:02 - 2014-10-31 09:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-11-12 10:02 - 2014-10-31 09:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-11-12 10:02 - 2014-10-31 09:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-11-12 10:02 - 2014-10-31 09:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-11-12 10:02 - 2014-10-31 09:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll 2014-11-12 10:02 - 2014-10-31 09:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-11-12 10:02 - 2014-10-31 09:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-11-12 10:02 - 2014-10-31 09:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-11-12 10:01 - 2014-10-23 12:48 - 00081408 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\packager.dll 2014-11-12 10:01 - 2014-10-23 12:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll 2014-11-12 10:01 - 2014-10-07 13:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2014-11-12 10:01 - 2014-10-07 13:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2014-11-12 10:01 - 2014-10-07 13:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2014-11-12 10:01 - 2014-10-07 13:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2014-11-12 10:01 - 2014-10-07 13:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll 2014-11-12 10:01 - 2014-10-07 10:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2014-11-12 10:01 - 2014-10-07 10:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2014-11-12 10:01 - 2014-10-07 10:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2014-11-12 10:01 - 2014-10-07 10:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-11-12 10:01 - 2014-10-07 08:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2014-11-12 10:01 - 2014-10-07 08:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2014-11-12 10:01 - 2014-09-10 13:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2014-11-12 10:01 - 2014-09-08 10:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-11-12 10:01 - 2014-09-08 10:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2014-11-12 10:01 - 2014-09-08 05:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2014-11-12 10:01 - 2014-09-05 05:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2014-11-12 10:01 - 2014-09-05 05:21 - 01053184 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\localspl.dll 2014-11-12 10:01 - 2014-09-04 10:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2014-11-12 10:01 - 2014-09-04 09:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2014-11-12 10:01 - 2014-09-04 08:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2014-11-12 10:01 - 2014-09-04 07:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2014-11-12 10:01 - 2014-08-31 07:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2014-11-12 10:01 - 2014-08-31 07:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2014-11-12 10:01 - 2014-08-31 05:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-11-12 10:01 - 2014-08-31 05:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll 2014-11-12 10:01 - 2014-08-31 04:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll 2014-11-12 10:01 - 2014-08-31 04:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2014-11-12 10:01 - 2014-08-31 03:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll 2014-11-12 10:01 - 2014-08-31 03:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2014-11-12 10:01 - 2014-08-28 09:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2014-11-12 10:01 - 2014-08-28 07:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2014-11-12 10:01 - 2014-08-28 07:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2014-11-12 10:01 - 2014-08-23 12:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2014-11-12 10:01 - 2014-08-23 12:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-11-12 10:01 - 2014-08-23 12:04 - 11820544 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\twinui.dll 2014-11-12 10:01 - 2014-08-23 12:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2014-11-12 10:01 - 2014-08-23 11:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2014-11-12 10:01 - 2014-08-02 07:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2014-11-12 10:01 - 2014-08-02 07:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-11 10:02 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-12-11 09:54 - 2014-02-10 14:58 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-12-11 09:32 - 2013-07-31 17:46 - 00000000 ____D () C:\ProgramData\VMware 2014-12-11 08:54 - 2013-10-18 10:57 - 01202488 _____ () C:\WINDOWS\WindowsUpdate.log 2014-12-11 08:16 - 2013-10-18 14:04 - 00000000 ____D () C:\Users\acer\AppData\Roaming\VMware 2014-12-11 04:48 - 2013-10-18 13:21 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{64060840-E01C-4C8F-B485-FCD2F005B6D1} 2014-12-11 03:23 - 2012-07-26 14:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-12-11 03:21 - 2013-08-04 22:22 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-12-11 03:21 - 2013-08-01 23:55 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-12-10 23:13 - 2013-07-31 17:26 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1606645829-3171774752-743400600-1002 2014-12-10 23:00 - 2013-09-30 11:14 - 01785036 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-12-10 23:00 - 2013-09-30 10:56 - 00768266 _____ () C:\WINDOWS\system32\perfh007.dat 2014-12-10 23:00 - 2013-09-30 10:56 - 00160576 _____ () C:\WINDOWS\system32\perfc007.dat 2014-12-10 12:55 - 2013-08-10 05:36 - 00000000 ____D () C:\Users\acer\AppData\Roaming\MyPhoneExplorer 
2014-12-10 10:37 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-12-10 10:05 - 2014-08-22 09:38 - 00001954 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2014-12-10 10:05 - 2014-08-22 09:37 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-12-10 00:54 - 2014-02-10 14:58 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-12-09 23:59 - 2013-11-21 10:33 - 00000000 ____D () C:\Users\acer\Documents\FinePrint-Dateien 2014-12-09 21:40 - 2014-09-15 15:58 - 00000000 ____D () C:\Users\acer\AppData\Local\Google 2014-12-09 21:40 - 2014-09-15 15:58 - 00000000 ____D () C:\Program Files (x86)\Google 2014-12-09 21:25 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp 2014-12-09 19:27 - 2013-08-22 21:46 - 00356214 _____ () C:\WINDOWS\setupact.log 2014-12-09 13:43 - 2013-07-31 21:07 - 00000000 ____D () C:\Users\acer\AppData\Local\Packages 2014-12-09 11:42 - 2013-10-18 14:04 - 00000000 ____D () C:\Users\acer\AppData\Local\VMware 2014-12-09 11:10 - 2014-10-08 14:08 - 00743424 ___SH () C:\Users\acer\Desktop\Thumbs.db 2014-12-09 10:41 - 2013-10-18 11:57 - 00000000 ___DO () C:\Users\acer\SkyDrive 2014-12-09 10:37 - 2013-08-11 15:01 - 00016152 _____ () C:\WINDOWS\system32\Drivers\SWDUMon.sys 2014-12-09 10:37 - 2013-08-11 15:01 - 00000422 _____ () C:\WINDOWS\Tasks\SlimDrivers Startup.job 2014-12-09 10:36 - 2013-08-22 21:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-12-09 10:36 - 2013-08-10 05:22 - 00000575 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics 2014-12-09 10:35 - 2013-09-30 02:04 - 00222980 _____ () C:\WINDOWS\PFRO.log 2014-12-09 10:35 - 2013-08-28 00:21 - 00000000 ____D () C:\AdwCleaner 2014-12-09 10:35 - 2013-08-22 20:25 - 22544384 ___SH () C:\WINDOWS\system32\config\BBI 2014-12-09 09:28 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\Web 2014-12-08 13:08 - 2013-09-16 03:12 - 00000000 ____D () C:\DANGER keygens 2014-12-03 20:13 - 2014-07-17 19:41 - 00003848 _____ () 
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1379176262 2014-12-03 20:13 - 2013-09-14 23:31 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2014-12-03 20:13 - 2013-09-14 23:31 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-11-28 01:18 - 2013-08-22 22:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-11-28 01:18 - 2013-08-22 22:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel 2014-11-27 04:10 - 2013-08-22 22:38 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-11-27 04:10 - 2013-08-22 22:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-14 22:12 - 2013-08-11 04:52 - 00000000 ____D () C:\temp 2014-11-14 02:16 - 2013-07-31 17:46 - 01806364 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2014-11-14 02:15 - 2013-08-01 17:16 - 00000000 ____D () C:\Program Files (x86)\VMware 2014-11-14 02:07 - 2013-07-31 17:41 - 00000000 ____D () C:\winkmd 2014-11-13 05:12 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-11-12 22:38 - 2013-10-18 10:54 - 00000000 ____D () C:\Users\acer 2014-11-12 22:31 - 2013-08-22 21:44 - 00388504 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-11-12 22:29 - 2013-08-22 22:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-11-12 22:29 - 2013-08-22 22:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-11-12 22:29 - 2013-08-22 22:36 - 00000000 ____D () C:\Program Files\Windows Defender 2014-11-12 22:29 - 2013-08-22 22:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-11-12 18:43 - 2013-08-11 00:35 - 00000000 ____D () C:\Program Files (x86)\Samsung 2014-11-12 18:31 - 2013-08-11 17:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG 2014-11-12 18:31 - 2013-04-18 17:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield 
Installation Information
2014-11-12 18:30 - 2014-07-18 10:55 - 00000000 ____D () C:\Users\acer\AppData\Local\Downloaded Installations
2014-11-12 17:01 - 2013-08-12 03:54 - 00000000 ____D () C:\Users\acer\AppData\Roaming\vlc

Some content of TEMP:
====================
C:\Users\acer\AppData\Local\Temp\Quarantine.exe
C:\Users\acer\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-09 11:34

==================== End Of Log ============================ |
11.12.2014, 20:42 | #11 | |
/// the machine /// TB Instructor | adfoc.us opens unwanted websites Quote:
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. Donate, Guides and Help, Trojaner-Board Facebook page. No help via PM! |
12.12.2014, 10:33 | #12 |
| adfoc.us opens unwanted websites A directory for files I don't trust, but that is historical. The name sounds more dangerous than it is; I now use it as a storage place for files that don't fit into any other directory. Now the adfocus website is back. I just went online with the tablet, and lo and behold: adfoc.us. Router? Unfortunately, I can no longer get into the router with the known password. |
13.12.2014, 08:09 | #13 |
/// the machine /// TB Instructor | adfoc.us opens unwanted websites Reset the router to factory settings, then reset all browsers.
16.12.2014, 13:51 | #14 |
| adfoc.us opens unwanted websites So, for a few days now there has not been a peep from adfoc.us. Thanks for the help. How could it get into the router? |
16.12.2014, 21:41 | #15 |
/// the machine /// TB Instructor | adfoc.us opens unwanted websites A vulnerability in the router. Update the firmware. Done. The order is crucial here.
If you would like to give praise or criticism, you can do so here. Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers: Other browsers tend to be somewhat more secure than IE, because they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance: Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP). Don'ts
Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.