| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: web.de account verschickt selbständig unerwünschte LinksWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
10.03.2015, 11:36
| #1 |
| |  web.de account verschickt selbständig unerwünschte Links Hallo ihr Lieben  Gestern wollte ich eine EMail in meinem web.de Account verfassen, als mich parallel eine EMail meiner Tante erreichte, die mich fragte was meine Mail darstellen sollte. Da ich zu diesem Zeitpunkt aber noch gar keine Mail verschickt hatte, habe ich im Postausgang nachgesehen und musste Folgendes feststellen: Zu einem Zeitpunkt an dem der Laptop zwar an, ich aber definitiv nicht bei web.de online war, wurden insgesamt 4 EMails verschickt. Jede war an mehrere meiner Kontakte adressiert, so dass so ziemlich alle aus meiner Liste eine Mail erhalten hatten. Im Betreff stand jeweils 2 mal "hi there" und 2 mal "hi friend" und es war jeweils lediglich ein Link im Inhalt. Ich persönlich habe die Links nicht geöffnet (meine Tante allerdings schon). Habe mir die Seiten der Links aber gegoogelt und stellte fest, dass diese französischen, japanischen, portugiesischen und amerikanischen Inhalts waren. Laut Google alles recht unscheinbare Seiten. Ich habe das jedoch nicht weiter verfolgt. War dort nicht online oder so, habe nur die Google Ergebnisse auf dem Schirm gehabt. Dann kam meine -ich gebe zu recht panische- Reaktionskette in Gang.
Ich war von der ganzen Aktion sehr geschockt, da ich grds. keine Seiten betrete, von denen AVAST sagt, sie seien nicht vertrauenswürdig. Zudem öffne ich keine Mails, die ich nicht kenne, sondern lösche sie direkt. Und Anhänge, die ich nicht erwartet habe oder die mir sonst irgendwie suspekt sind, öffne ich nicht einmal, wenn mir der Absender bekannt ist. Ich sollte vllt noch anmerken, dass das Problem gestern zum ersten Mal auftauchte und, dass ich in den vergangenen Monaten nichts heruntergeladen habe. Zumindest nicht beabsichtigt/bewusst. So eröffnen sich mir -neben dem Rätsel wie ich überhaupt zu dem Schlamassel gekommen bin- natürlich folgende Fragen:
Vielen Dank übrigens schon im Voraus an denjenigen, der sich meines Problems erbarmt. Ich bin zwar kein völliger Idiot, aber prinzipiell habe ich von PCs und Co. keine Ahnung. Geändert von Melle1982 (10.03.2015 um 11:42 Uhr) |
|
10.03.2015, 11:41
| #2 |
| /// the machine /// TB-Ausbilder    | web.de account verschickt selbständig unerwünschte Links hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
10.03.2015, 12:12
| #3 |
| | web.de account verschickt selbständig unerwünschte Links WOW! Schnelle Reaktion
__________________ Danke erstmal schon hierfür FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-03-2015 01
Ran by Melle mobil (administrator) on MELLE on 10-03-2015 12:06:10
Running from C:\Users\Melle mobil\Downloads
Loaded Profiles: UpdatusUser & Melle mobil (Available profiles: UpdatusUser & Melle mobil)
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Java\jre6\bin\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-10] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [BakupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533056 2012-07-31] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-08] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Java\jre6\bin\jusched.exe [148888 2015-02-11] (Sun Microsystems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2442446365-1373078036-4176911373-1002\...\Run: [SSync] => C:\Users\Melle mobil\AppData\Roaming\SSync\SSync.exe [36864 2013-04-09] ()
HKU\S-1-5-21-2442446365-1373078036-4176911373-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-02-17] (Electronic Arts)
HKU\S-1-5-21-2442446365-1373078036-4176911373-1002\...\Run: [SCheck] => C:\Users\Melle mobil\AppData\Roaming\SCheck\SCheck.exe [37376 2013-12-09] ()
HKU\S-1-5-21-2442446365-1373078036-4176911373-1002\...\Run: [Intermediate] => C:\Users\Melle mobil\AppData\Roaming\Intermediate\Intermediate.exe [37376 2013-12-09] ()
HKU\S-1-5-21-2442446365-1373078036-4176911373-1002\...\MountPoints2: {cd492e30-abd7-11e2-be8c-b888e359b6ba} - "E:\LGAutoRun.exe"
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2442446365-1373078036-4176911373-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-2442446365-1373078036-4176911373-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.fbdownloader.com/?channel=fpo
HKU\S-1-5-21-2442446365-1373078036-4176911373-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
URLSearchHook: [S-1-5-21-2442446365-1373078036-4176911373-1001] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-2442446365-1373078036-4176911373-1002 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://search.fbdownloader.com/search.php?channel=fpo&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2442446365-1373078036-4176911373-1002 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-2442446365-1373078036-4176911373-1002 -> {62B07A5B-C636-4CE0-9B00-AC516C012F93} URL =
SearchScopes: HKU\S-1-5-21-2442446365-1373078036-4176911373-1002 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-2442446365-1373078036-4176911373-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-2442446365-1373078036-4176911373-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://search.fbdownloader.com/search.php?channel=fpo&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-06-13] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-06-13] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2015-02-11] (Sun Microsystems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Melle mobil\AppData\Roaming\Mozilla\Firefox\Profiles\2kxjj07a.default
FF DefaultSearchEngine: Search
FF DefaultSearchUrl: hxxp://search.fbdownloader.com/search.php?channel=fpo&q=
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Search
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: hxxp://search.fbdownloader.com/search.php?channel=fpo&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Users\Melle mobil\Desktop\Bilder\Picasa3\npPicasa3.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Melle mobil\AppData\Roaming\Mozilla\Firefox\Profiles\2kxjj07a.default\searchplugins\google-images.xml [2014-12-21]
FF SearchPlugin: C:\Users\Melle mobil\AppData\Roaming\Mozilla\Firefox\Profiles\2kxjj07a.default\searchplugins\google-maps.xml [2014-12-21]
FF SearchPlugin: C:\Users\Melle mobil\AppData\Roaming\Mozilla\Firefox\Profiles\2kxjj07a.default\searchplugins\search.xml [2015-02-18]
FF SearchPlugin: C:\Users\Melle mobil\AppData\Roaming\Mozilla\Firefox\Profiles\2kxjj07a.default\searchplugins\yahoo-avast.xml [2014-06-15]
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Melle mobil\AppData\Roaming\Mozilla\Firefox\Profiles\2kxjj07a.default\Extensions\2020Player_IKEA@2020Technologies.com [2014-12-01]
FF Extension: WEB.DE MailCheck - C:\Users\Melle mobil\AppData\Roaming\Mozilla\Firefox\Profiles\2kxjj07a.default\Extensions\toolbar@web.de [2015-03-02]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-31]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-13] (AVAST Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2415760 2012-07-27] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-31] (NTI Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-05] (Electronic Arts)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-16] (Dritek System INC.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-13] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-13] ()
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-16] (Dritek System Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
S2 BstHdDrv; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [X]
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
R4 mwlPSDFilter; system32\DRIVERS\mwlPSDFilter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-10 12:06 - 2015-03-10 12:06 - 00014831 _____ () C:\Users\Melle mobil\Downloads\FRST.txt
2015-03-10 12:06 - 2015-03-10 12:06 - 00000000 ____D () C:\FRST
2015-03-10 12:04 - 2015-03-10 12:04 - 02095104 _____ (Farbar) C:\Users\Melle mobil\Downloads\FRST64.exe
2015-03-09 16:24 - 2015-03-09 16:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-09 16:23 - 2015-03-09 16:23 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Melle mobil\Downloads\mbam-setup-2.0.4.1028(2).exe
2015-03-05 08:51 - 2015-03-05 08:52 - 00000000 ____D () C:\Users\Melle mobil\Desktop\Regeln
2015-02-18 18:47 - 2015-02-18 18:47 - 00000000 ____D () C:\Users\Melle mobil\AppData\Roaming\Snz
2015-02-18 18:46 - 2015-02-18 18:46 - 00000000 ____D () C:\Users\Melle mobil\AppData\Roaming\FBDownloader
2015-02-11 18:38 - 2015-02-14 14:45 - 00000000 ____D () C:\Users\Melle mobil\Documents\Create at Home Projekts
2015-02-11 17:04 - 2015-02-11 17:04 - 00000000 ____D () C:\Users\Melle mobil\AppData\Roaming\MPC
2015-02-11 17:03 - 2015-02-11 17:03 - 00000000 ____D () C:\Users\Melle mobil\.kodakch
2015-02-11 17:01 - 2015-02-14 18:31 - 00000000 ____D () C:\Program Files (x86)\KODAK Create@Home Software (für dm)
2015-02-11 16:57 - 2015-02-11 16:57 - 00410984 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deploytk.dll
2015-02-11 16:57 - 2015-02-11 16:57 - 00148888 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2015-02-11 16:57 - 2015-02-11 16:57 - 00144792 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2015-02-11 16:57 - 2015-02-11 16:57 - 00144792 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2015-02-11 16:55 - 2015-02-11 16:55 - 00000000 ____D () C:\Users\Melle mobil\AppData\Roaming\Kodak Alaris Inc
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-10 12:06 - 2013-05-29 08:18 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-10 12:00 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2015-03-10 02:12 - 2014-10-12 05:07 - 02085616 _____ () C:\Windows\WindowsUpdate.log
2015-03-09 20:33 - 2013-03-02 13:24 - 00000000 ____D () C:\ProgramData\Origin
2015-03-09 19:31 - 2012-08-03 08:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-09 19:24 - 2013-03-02 11:35 - 00000000 ____D () C:\Users\Melle mobil\AppData\Roaming\DVDVideoSoft
2015-03-09 19:22 - 2013-03-02 08:56 - 00000000 ___RD () C:\Users\Melle mobil\Desktop\Haushalt
2015-03-09 18:16 - 2012-08-16 15:01 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2015-03-09 18:16 - 2012-08-16 15:01 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2015-03-09 18:16 - 2012-07-26 08:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-09 18:11 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-09 16:52 - 2012-07-26 06:26 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-03-09 16:50 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\registration
2015-03-08 10:17 - 2013-03-01 20:58 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2442446365-1373078036-4176911373-1002
2015-03-07 19:48 - 2013-03-01 20:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-05 12:39 - 2014-02-09 18:47 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-03-05 08:48 - 2013-03-09 13:49 - 05544960 ___SH () C:\Users\Melle mobil\Desktop\Thumbs.db
2015-03-02 21:31 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-02 21:22 - 2013-03-07 23:44 - 00000000 ___RD () C:\Users\Public\Documents\HAUSHALT
2015-02-27 08:25 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2015-02-18 18:47 - 2013-07-25 11:44 - 00000000 ____D () C:\Users\Melle mobil\AppData\Roaming\SCheck
2015-02-18 18:47 - 2013-07-25 11:44 - 00000000 ____D () C:\Users\Melle mobil\AppData\Roaming\Intermediate
2015-02-15 10:05 - 2013-03-02 13:23 - 00000000 ____D () C:\Users\Melle mobil\AppData\Local\CrashDumps
2015-02-11 17:03 - 2013-03-01 20:52 - 00000000 ____D () C:\Users\Melle mobil
2015-02-11 16:57 - 2013-03-20 22:45 - 00000000 ____D () C:\Program Files (x86)\Java
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-09 07:10
==================== End Of Log ============================
--- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-03-2015 01
Ran by Melle mobil at 2015-03-10 12:07:08
Running from C:\Users\Melle mobil\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
clear.fi SDK - Video 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
7-Zip 9.35 beta (HKLM-x32\...\7-Zip) (Version: - )
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0053 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3003 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3003 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3006 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3112 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3103 - Acer Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
Backup Manager v4 (x32 Version: 4.0.0.0053 - NTI Corporation) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.4.2 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 3.28 - Piriform)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3107 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3107 - Acer Incorporated)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.4.83.1010 - Electronic Arts Inc.)
EPSON SX420W Series Printer Uninstall (HKLM\...\EPSON SX420W Series) (Version: - SEIKO EPSON Corporation)
ETDWare PS/2-X64 11.6.4.001_WHQL (HKLM\...\Elantech) (Version: 11.6.4.001 - ELAN Microelectronic Corp.)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3002 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java(TM) 6 Update 12 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216012FF}) (Version: 6.0.120 - Sun Microsystems, Inc.)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.3 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3002 - Acer Incorporated)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.10 - Symantec Corporation) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3102 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.01.3102 - Acer)
Origin (HKLM-x32\...\Origin) (Version: 9.4.1.116 - Electronic Arts, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
23-02-2015 12:40:44 Geplanter Prüfpunkt
04-03-2015 04:42:32 Geplanter Prüfpunkt
09-03-2015 19:25:07 Removed MyWinLocker Suite
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {17E4CA9F-25FD-494E-BB74-B84A209FCA12} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {1821D6CB-7DE1-47E0-A1D9-E41E9D7C5D82} - System32\Tasks\Microsoft\Windows\Setup\8.1 auto install => C:\Windows\system32\NotificationUI.exe [2014-08-21] (Microsoft Corporation)
Task: {35F0FA45-0148-49F6-B672-F16E5641DD5A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-02-19] (Piriform Ltd)
Task: {5031E43D-8433-478B-ADEF-ED7A3609D51E} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-07-13] ()
Task: {7FE32160-4964-4C7C-A9EB-649FFE11017C} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-07-31] (Acer Incorporated)
Task: {C26874A0-F467-4F63-8A24-361690665300} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2012-07-31] (Acer Incorporated)
Task: {DB52C38A-7BED-4C11-8C09-4DA13108FB1A} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {E5A4C4C5-903D-4EDA-A171-00071D962634} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {E88457A2-4A3F-47E7-BA37-3F8A0C6C011D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-13] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) ==============
2014-05-16 01:32 - 2014-05-16 01:32 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-08-09 10:12 - 2012-08-08 16:48 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-02-20 01:45 - 2013-02-20 01:45 - 00036864 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-03-09 11:36 - 2015-03-09 11:36 - 02919936 _____ () C:\Program Files\AVAST Software\Avast\defs\15030900\algo.dll
2015-03-10 10:12 - 2015-03-10 10:12 - 02920960 _____ () C:\Program Files\AVAST Software\Avast\defs\15031000\algo.dll
2012-07-31 00:04 - 2012-07-31 00:04 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2013-12-16 20:41 - 2013-12-16 20:41 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-08-16 05:31 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2442446365-1373078036-4176911373-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Melle mobil\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-2442446365-1373078036-4176911373-500 - Administrator - Disabled)
Gast (S-1-5-21-2442446365-1373078036-4176911373-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2442446365-1373078036-4176911373-1004 - Limited - Enabled)
Melle mobil (S-1-5-21-2442446365-1373078036-4176911373-1002 - Administrator - Enabled) => C:\Users\Melle mobil
UpdatusUser (S-1-5-21-2442446365-1373078036-4176911373-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/10/2015 03:01:29 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error: (03/10/2015 03:01:29 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error: (03/10/2015 03:01:29 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error: (03/10/2015 03:00:31 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1". Fehler in Manifest- oder Richtliniendatei "Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"2" in Zeile Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (03/10/2015 03:00:21 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1". Fehler in Manifest- oder Richtliniendatei "Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"2" in Zeile Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (03/08/2015 10:20:45 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error: (03/08/2015 10:20:45 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error: (03/08/2015 10:20:45 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error: (03/08/2015 10:19:10 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error: (03/08/2015 10:19:10 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
System errors:
=============
Error: (03/10/2015 10:15:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (03/10/2015 10:13:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (03/09/2015 10:14:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (03/09/2015 10:12:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (03/09/2015 06:13:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (03/09/2015 06:12:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (03/09/2015 06:11:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (03/09/2015 06:11:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BlueStacks Hypervisor" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (03/09/2015 06:11:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (03/09/2015 04:52:44 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT-AUTORITÄT)
Description: 0xc000014d0
Microsoft Office Sessions:
=========================
Error: (03/10/2015 03:01:29 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4
Error: (03/10/2015 03:01:29 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4
Error: (03/10/2015 03:01:29 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4
Error: (03/10/2015 03:00:31 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\program files (x86)\NTI\acer backup manager\Migrate\OutlookMsgNet64.exec:\program files (x86)\NTI\acer backup manager\Migrate\Microsoft.VC90.MFC\Microsoft.VC90.MFC.MANIFEST11
Error: (03/10/2015 03:00:21 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\program files (x86)\NTI\acer backup manager\OutlookMsgNet64.exec:\program files (x86)\NTI\acer backup manager\Microsoft.VC90.MFC\Microsoft.VC90.MFC.MANIFEST11
Error: (03/08/2015 10:20:45 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4
Error: (03/08/2015 10:20:45 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4
Error: (03/08/2015 10:20:45 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4
Error: (03/08/2015 10:19:10 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4
Error: (03/08/2015 10:19:10 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz
Percentage of memory in use: 48%
Total physical RAM: 3909.27 MB
Available physical RAM: 1996.86 MB
Total Pagefile: 9285.27 MB
Available Pagefile: 7195.62 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:446.19 GB) (Free:368.16 GB) NTFS
Drive d: (Sims4_2) (CDROM) (Total:0.48 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 62DBB0A4)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
|
10.03.2015, 19:53
| #4 |
| /// the machine /// TB-Ausbilder | web.de account verschickt selbständig unerwünschte Links hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
10.03.2015, 20:50
| #5 |
| | web.de account verschickt selbständig unerwünschte Links Das mbar Ding sagt mir nach erfolgtem Scan, dass keine malware gefunden wurde und ein cleanup nicht notwendig ist. Die einzigen Optionen, die ich jetzt dort habe sind Previous und Exit Soll ich also rausgehen und dann mit dem zweiten Programm weiter machen? Oder ist das normal und wenn ich exit nehme, starte das Programm automatisch den Laptop neu? Sorry, bin etwas verwirrt und möchte nur sicher sein bevor ich was anklicke um nix falsch zu machen. Ah sorry, völlig verpeilt! Hier davon die Datei Code:
ATTFilter ---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
(c) Malwarebytes Corporation 2011-2012
OS version: 6.2.9200 Windows 8 x64
Account is Administrative
Internet Explorer version: 10.0.9200.17088
Java version: 1.6.0_12
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.195000 GHz
Memory total: 4099170304, free: 1566953472
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
(c) Malwarebytes Corporation 2011-2012
OS version: 6.2.9200 Windows 8 x64
Account is Administrative
Internet Explorer version: 10.0.9200.17088
Java version: 1.6.0_12
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.195000 GHz
Memory total: 4099170304, free: 1738874880
Downloaded database version: v2015.03.10.05
Downloaded database version: v2015.02.25.01
Downloaded database version: v2015.03.09.01
=======================================
Initializing...
------------ Kernel report ------------
03/10/2015 20:19:20
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\nvpciflt.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\aswVmm.sys
\SystemRoot\System32\Drivers\aswRvrt.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys
\SystemRoot\system32\drivers\aswSnx.sys
\SystemRoot\system32\DRIVERS\mwlPSDFilter.sys
\SystemRoot\system32\drivers\aswSP.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\aswRdr2.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\system32\DRIVERS\mwlPSDVDisk.sys
\SystemRoot\system32\DRIVERS\mwlPSDNServ.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\k57nd60a.sys
\SystemRoot\System32\drivers\bScsiSDa.sys
\SystemRoot\System32\drivers\SCSIPORT.SYS
\SystemRoot\System32\drivers\bScsiMSa.sys
\SystemRoot\System32\drivers\b57xdbd.sys
\SystemRoot\system32\DRIVERS\bcmwl63a.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\aPs2Kb2Hid.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\ETD.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\??\C:\Windows\system32\drivers\UBHelper.sys
\??\C:\Windows\system32\drivers\NTIDrvr.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\System32\drivers\b57xdmp.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\system32\DRIVERS\udfs.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\aswMonFlt.sys
\SystemRoot\system32\drivers\aswStm.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\drivers\WSDScan.sys
\SystemRoot\System32\drivers\WSDPrint.sys
\SystemRoot\System32\ATMFD.DLL
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!
Scan started
Database versions:
main: v2015.03.10.05
rootkit: v2015.02.25.01
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80068a5740, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80068a51f0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80068a5740, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8004fc1060, DeviceName: \Device\00000036\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
File "C:\Windows\System32\Drivers\vwifibus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vwifibus.sys" is compressed (flags = 1)
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 62DBB0A4
GPT Protective MBR Partition information:
Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
GPT Partition information:
GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 2317392922
GPT Header CurrentLba = 1 BackupLba 976773167
GPT Header FirstUsableLba 34 LastUsableLba 976773134
GPT Header Guid 69032e55-10b9-461a-a5c1-6bb468d3f5b
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128
Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 2317392922
Backup GPT header CurrentLba = 976773167 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 976773134
Backup GPT header Guid 69032e55-10b9-461a-a5c1-6bb468d3f5b
Backup GPT header Contains 128 partition entries starting at LBA 976773135
Backup GPT header Partition entry size = 128
Partition 0 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID 3c23b750-c8ec-43d9-863a-cb5282b1414d
FirstLBA 2048 Last LBA 821247
Attributes 1
Partition Name Basic data partition
Partition 1 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
Partition ID 8f623d3e-3828-407d-9f4f-9d56af95f9a2
FirstLBA 821248 Last LBA 1435647
Attributes 0
Partition Name EFI system partition
GPT Partition 1 is bootable
Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID 5e662843-9d46-43f2-8bea-9ac4ae512cdc
FirstLBA 1435648 Last LBA 1697791
Attributes 0
Partition Name Microsoft reserved partition
Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID f68781b-4641-4c6b-b04f-6b602a48eb1a
FirstLBA 1697792 Last LBA 937428991
Attributes 0
Partition Name Basic data partition
Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID c75e8e49-3df4-4557-b039-50f829909cc2
FirstLBA 937428992 Last LBA 976773119
Attributes 1
Partition Name Basic data partition
Disk Size: 500107862016 bytes
Sector size: 512 bytes
Done!
Scan finished
|
|
11.03.2015, 10:45
| #6 |
| /// the machine /// TB-Ausbilder | web.de account verschickt selbständig unerwünschte Links Ja einfach exit und dann TDSSKiller
__________________ --> web.de account verschickt selbständig unerwünschte Links |
|
11.03.2015, 14:36
| #7 |
| | web.de account verschickt selbständig unerwünschte Links Und wieder   NO THREATS FOUND  Ich trau mich fast nich zu fragen, und ich weiß ja: Menschen die mit PC und/oder Autos zu tun haben geben überhaupt nich gern Prognosen, aber.... das is gut, oder? Code:
ATTFilter 14:30:06.0669 0x15cc TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
14:30:06.0669 0x15cc UEFI system
14:30:11.0669 0x15cc ============================================================
14:30:11.0669 0x15cc Current date / time: 2015/03/11 14:30:11.0669
14:30:11.0669 0x15cc SystemInfo:
14:30:11.0669 0x15cc
14:30:11.0669 0x15cc OS Version: 6.2.9200 ServicePack: 0.0
14:30:11.0669 0x15cc Product type: Workstation
14:30:11.0669 0x15cc ComputerName: MELLE
14:30:11.0669 0x15cc UserName: Melle mobil
14:30:11.0669 0x15cc Windows directory: C:\Windows
14:30:11.0669 0x15cc System windows directory: C:\Windows
14:30:11.0669 0x15cc Running under WOW64
14:30:11.0669 0x15cc Processor architecture: Intel x64
14:30:11.0669 0x15cc Number of processors: 4
14:30:11.0669 0x15cc Page size: 0x1000
14:30:11.0669 0x15cc Boot type: Normal boot
14:30:11.0669 0x15cc ============================================================
14:30:11.0794 0x15cc System UUID: {463DE102-F355-AAAF-4156-AA4F07F6D36D}
14:30:12.0451 0x15cc Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:30:12.0451 0x15cc ============================================================
14:30:12.0451 0x15cc \Device\Harddisk0\DR0:
14:30:12.0451 0x15cc GPT partitions:
14:30:12.0451 0x15cc \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {3C23B750-C8EC-43D9-863A-CB5282B1414D}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
14:30:12.0451 0x15cc \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {8F623D3E-3828-407D-9F4F-9D56AF95F9A2}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x96000
14:30:12.0451 0x15cc \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {5E662843-9D46-43F2-8BEA-9AC4AE512CDC}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
14:30:12.0451 0x15cc \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0F68781B-4641-4C6B-B04F-6B602A48EB1A}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x37C62000
14:30:12.0451 0x15cc \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C75E8E49-3DF4-4557-B039-50F829909CC2}, Name: Basic data partition, StartLBA 0x37E00800, BlocksNum 0x2585800
14:30:12.0451 0x15cc MBR partitions:
14:30:12.0451 0x15cc ============================================================
14:30:12.0482 0x15cc C: <-> \Device\Harddisk0\DR0\Partition4
14:30:12.0482 0x15cc ============================================================
14:30:12.0482 0x15cc Initialize success
14:30:12.0482 0x15cc ============================================================
14:30:19.0577 0x0cd0 ============================================================
14:30:19.0577 0x0cd0 Scan started
14:30:19.0577 0x0cd0 Mode: Manual; SigCheck; TDLFS;
14:30:19.0577 0x0cd0 ============================================================
14:30:19.0577 0x0cd0 KSN ping started
14:30:21.0874 0x0cd0 KSN ping finished: true
14:30:22.0921 0x0cd0 ================ Scan system memory ========================
14:30:22.0921 0x0cd0 System memory - ok
14:30:22.0921 0x0cd0 ================ Scan services =============================
14:30:23.0124 0x0cd0 [ E890C46E4754F0DF51BAFCC8D2E07498, E620D03030F3B65442E0A5CB8B59016A6E8DB3BCA52741977B8897B34438E902 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
14:30:23.0171 0x0cd0 1394ohci - ok
14:30:23.0186 0x0cd0 [ 4F18D4C7EA14F11A7211F60D553C03DB, 09AB6D2D8E9B7B6D6A97708551C0E4B34538947A15EA2A69C11764D7BC0BB7F6 ] 3ware C:\Windows\system32\drivers\3ware.sys
14:30:23.0202 0x0cd0 3ware - ok
14:30:23.0233 0x0cd0 [ 975AABEB243B800C23626D6B652C5A9C, FB02336F26AF10BA2A0D1B97C33CB1D78BB90CA51EF008A613A0274779798FAD ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:30:23.0264 0x0cd0 ACPI - ok
14:30:23.0296 0x0cd0 [ DC968C37822117E576B933F34A2D130C, 4C94E00ADC242296D7CBBFC7346D5F9AE5FE1B0C616ECA3BDE10A7B34FD2040B ] acpiex C:\Windows\system32\Drivers\acpiex.sys
14:30:23.0311 0x0cd0 acpiex - ok
14:30:23.0327 0x0cd0 [ 0CA9F7C3A78227C21A0A7854E245CFB2, D54147C9C1EE2F0098B863B0852E027DB89D6FA67F6B7FD54F609D9715A11442 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
14:30:23.0389 0x0cd0 acpipagr - ok
14:30:23.0421 0x0cd0 [ 8EB8DA03B142D3DD1EB9ED8107A76C43, 24B9B24F9A5BDF3AAD13C4EE0638497D9CA4A100096C6EAE403E0215EA89C439 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
14:30:23.0499 0x0cd0 AcpiPmi - ok
14:30:23.0530 0x0cd0 [ CBCE725C5D86ABA7D2604E22951AA9B8, DE0440F0E943F057EBCD01DB4B1E12DBC241FBF03C42021306D322AB88FF8F21 ] acpitime C:\Windows\System32\drivers\acpitime.sys
14:30:23.0561 0x0cd0 acpitime - ok
14:30:23.0718 0x0cd0 [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:30:23.0718 0x0cd0 AdobeARMservice - ok
14:30:23.0874 0x0cd0 [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:30:23.0889 0x0cd0 AdobeFlashPlayerUpdateSvc - ok
14:30:24.0171 0x0cd0 [ 93C6388592B99925C1D1576E465BC80F, 4C48BE5471DA4788357D71E90DFEA20FE320C7AAE1F4C55AFBE2E46FEA5CF8FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
14:30:24.0202 0x0cd0 adp94xx - ok
14:30:24.0311 0x0cd0 [ D27763E0247292654E7F7D16444C7C72, 0314C713D31E2B34F215B52F804F014D876E6ED92DC656CC3E27920CCD36CF0E ] adpahci C:\Windows\system32\drivers\adpahci.sys
14:30:24.0343 0x0cd0 adpahci - ok
14:30:24.0390 0x0cd0 [ 67B90070FF48F794AF19F9FCF0080D75, 5D0D352606D58D2CA0814F38EF7B1774C030BE44353DF5910CBFAAF4FDE64ED6 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
14:30:24.0405 0x0cd0 adpu320 - ok
14:30:24.0483 0x0cd0 [ 974AE60BF5B90E31412D93596C968E5B, 092B59C2B67C4618E7B1800615D1DF7199482F60D0D27BD91763F7F8D7FC883F ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:30:24.0640 0x0cd0 AeLookupSvc - ok
14:30:24.0827 0x0cd0 [ FE7FB9612D354EB41DF4F0FF5D6FB259, 98D5BD9C1300195C49CB0717A831A06D99F7AE631D5EA065E10BFE7C2FA57A18 ] AFD C:\Windows\system32\drivers\afd.sys
14:30:25.0030 0x0cd0 AFD - ok
14:30:25.0093 0x0cd0 [ 01590377A5AB19E792528C628A2A68F9, F3A4B6CA4E8D4436E44E36D7F7EEF3DC861D1EE50D41F4273226C4ED95674B84 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:30:25.0218 0x0cd0 agp440 - ok
14:30:25.0280 0x0cd0 [ D1BE8E6E5B3AF23A4393AF1BF867977A, B3AE97D35A9304198715D76F6C3F0545AA176FDEBA6C2055782558B11DFA14EB ] ALG C:\Windows\System32\alg.exe
14:30:25.0405 0x0cd0 ALG - ok
14:30:25.0421 0x0cd0 [ 025E8C755BE293E50854D26D1BBE5133, 4373639689306A3D8FE0F862072711BAD5DBAA45E105CD3129586439A90EE070 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
14:30:25.0546 0x0cd0 AllUserInstallAgent - ok
14:30:25.0624 0x0cd0 [ 5A81054B824004B1ECC04F0034A1CDF9, 73A1986A4B346C425157216EBF16CC90EFFC642EDF6109E6364CF0552E3388FD ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
14:30:25.0936 0x0cd0 AmdK8 - ok
14:30:25.0968 0x0cd0 [ B849D453E644FAB9BC8EF6DC8CA9C4C6, B803CDA478D3385937C44CBB05A0E65ABACEFEBA682975787C44E2904FB89D2D ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
14:30:26.0030 0x0cd0 AmdPPM - ok
14:30:26.0077 0x0cd0 [ 35A0EB5AECB0FA3C41A2FB514A562304, 737783ABF348288471AC7051D4DC6CB336D686C94EC7B8938DCA74AFE9BECB1C ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:30:26.0093 0x0cd0 amdsata - ok
14:30:26.0108 0x0cd0 [ 00452671904F5EE94B50BF0219C97164, 99F9B86D3DB3E10B014120A63CD43CBAAB22C8E38851090ABE37D89ABD61F7B6 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
14:30:26.0124 0x0cd0 amdsbs - ok
14:30:26.0155 0x0cd0 [ EA3FFE53E92E59C87E3ECA9BEB20D9B7, DC0B8B798720F5F75F8AFD3383CF69194282AEEE84DCACB97382F4C86E1D3E49 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:30:26.0155 0x0cd0 amdxata - ok
14:30:26.0171 0x0cd0 [ 83B3682CE922FB0F415734B26D9D6233, 9102E8B410BB1AE426770896B6AB584D1F02830337FBB2DEC182F3F19832F35F ] AppID C:\Windows\system32\drivers\appid.sys
14:30:26.0218 0x0cd0 AppID - ok
14:30:26.0249 0x0cd0 [ CE2BEAD7F31816FF0AC490D048C969F9, 7D24C5A9E8F7C21CC6D8BF2CA29A8B79DDE7EEDE2F37D36B9071ECE1CF61371F ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:30:26.0280 0x0cd0 AppIDSvc - ok
14:30:26.0311 0x0cd0 [ 4F750B7EFCB6520AE01E01D082D7D476, AD2A67D727A1D4DD0BBACC6B4BB432FA9A14D50D8BA292B95A4747CEC9F85728 ] Appinfo C:\Windows\System32\appinfo.dll
14:30:26.0343 0x0cd0 Appinfo - ok
14:30:26.0374 0x0cd0 [ E933401B392387F4BE34DE8BAF1722A7, 57CC6DE31E2C82D2B12509F0A5EC9EC70DD2EF6A1F31A66ADF62DC6AE0A67323 ] arc C:\Windows\system32\drivers\arc.sys
14:30:26.0390 0x0cd0 arc - ok
14:30:26.0405 0x0cd0 [ 07CA323EF2E8247A568AB0F3662AD644, 1224B41193F0E9B164732BA5BF707A13427C82C1D8C3EDC2AAE5C5C75454B9F6 ] arcsas C:\Windows\system32\drivers\arcsas.sys
14:30:26.0421 0x0cd0 arcsas - ok
14:30:26.0452 0x0cd0 [ 340B0467E98A8C92697D73034DB4BCB7, 342572B566747A05DA5391CFC027A6703AECCE29C3D288428884D8641A35D0F5 ] aswHwid C:\Windows\system32\drivers\aswHwid.sys
14:30:26.0468 0x0cd0 aswHwid - ok
14:30:26.0499 0x0cd0 [ ED5B09937D559FFA53FC988D20031E98, EC9E50C9BC2184AE93944EA3115A25BADF5FFB91D11776498EBC9A0D60029A84 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
14:30:26.0515 0x0cd0 aswMonFlt - ok
14:30:26.0530 0x0cd0 [ 33C77DCB0AEC76E26BD6352A1A5281BB, CEA7BB3407C1F900DE5CB09F42AF7734811F86B7DE0085FADC7AAE8178D59665 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
14:30:26.0546 0x0cd0 aswRdr - ok
14:30:26.0561 0x0cd0 [ BF5B9E9E97CED45208E498D9FA73688F, BCB2CC516EAD040573D80599C2306ECB26FCCB16A97B940327CD3A3CE9077877 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
14:30:26.0577 0x0cd0 aswRvrt - ok
14:30:26.0624 0x0cd0 [ F88CE00A7736C349ED1414D7ECDC9BED, 8C0783CE32968874065C2F46088B34F9C872F26C98AB8E8BA895D84CCB25E534 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
14:30:26.0733 0x0cd0 aswSnx - ok
14:30:26.0765 0x0cd0 [ 3AE912B08E2A1ABB2B63F3C56BED95C2, BE99BA3A74427444FEE5D47D70BDBA631DBBF50D80B0483C0675F87119926765 ] aswSP C:\Windows\system32\drivers\aswSP.sys
14:30:26.0796 0x0cd0 aswSP - ok
14:30:26.0812 0x0cd0 [ A7115ED31675BB823CFA9FE571C25676, DEEBB3920934DCDDD488DCFCB1E6F4C7EFDD3C79F31E41D59E292C3CF9400E95 ] aswStm C:\Windows\system32\drivers\aswStm.sys
14:30:26.0827 0x0cd0 aswStm - ok
14:30:26.0858 0x0cd0 [ 47CBD3F64E412FFAFD93404580A3C7B9, F9B02E232416BAFC21BCBCDC0A3D9E5E855BFAF11F29ED2C4C469692E6688278 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
14:30:26.0874 0x0cd0 aswVmm - ok
14:30:26.0905 0x0cd0 [ 74DBAEC35366C4EE7670428808715A6A, 3B3A7A81CD8038C4750560B94A9247C4409410780B312BA71EDF2E393DCA7474 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:30:26.0952 0x0cd0 AsyncMac - ok
14:30:26.0968 0x0cd0 [ A721FF570C2387E383BDDEA9632863C9, 45DD7787F44A2C742560FEB03AB66910C2F0002D95BB02C55EEDE973AA92AD24 ] atapi C:\Windows\system32\drivers\atapi.sys
14:30:26.0983 0x0cd0 atapi - ok
14:30:27.0108 0x0cd0 [ DECE3E2832F125A41A02FB59F4C54EEA, 2994024E5C295E9FDF4C6C0A8F2B17C07C158AD1567BEDA46A482C6C08F460BC ] athr C:\Windows\system32\DRIVERS\athrx.sys
14:30:27.0265 0x0cd0 athr - ok
14:30:27.0312 0x0cd0 [ BCD7A47EF587DC00DD61D12D9C2D1E44, 95BC9AC8BA8A86DB5C7A6317002BD9872F193B401A0C58DF252DCF3D4A7541E2 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
14:30:27.0452 0x0cd0 AudioEndpointBuilder - ok
14:30:27.0733 0x0cd0 [ 599B3F685A263A114FFAF3BE29C49C75, 579E9561BA8537888E061E303F3F89E2E6F8B8DED74369C3767DB10B35CD45E8 ] Audiosrv C:\Windows\System32\Audiosrv.dll
14:30:27.0890 0x0cd0 Audiosrv - ok
14:30:28.0015 0x0cd0 [ 37D17AE2936867F88EB3C4CBCBC6B8A1, E1F4D288CE1E5482A5594C8F9EEDE1E8134466F5E0C7DA32D88985497CD8588B ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:30:28.0030 0x0cd0 avast! Antivirus - ok
14:30:28.0077 0x0cd0 [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:30:28.0124 0x0cd0 AxInstSV - ok
14:30:28.0296 0x0cd0 [ 87AB5BB072A3F128541D5B815F82FFDD, 186AF33D3DE90638C3E165CAC3DA17295E8A80CDB523F9BE4AF7D38CA6954905 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
14:30:28.0530 0x0cd0 b06bdrv - ok
14:30:28.0655 0x0cd0 [ 458AF8D6C7B837B3169750254E531095, 0CA3DB39C706A06D90B95D7377A0FEBEFBBBFAD69F7F5087F7DF128C69D674D9 ] b57xdbd C:\Windows\System32\drivers\b57xdbd.sys
14:30:28.0671 0x0cd0 b57xdbd - ok
14:30:28.0687 0x0cd0 [ B97D9ADFEB4F0AADD3DAC9F8D427AA7A, 1F52B09264715192ED73A2871254675425C211BDBFF3575F96A85DE0411B5D7A ] b57xdmp C:\Windows\System32\drivers\b57xdmp.sys
14:30:28.0702 0x0cd0 b57xdmp - ok
14:30:28.0718 0x0cd0 [ 81703BC5D68DEDBB086C2368FBE7B334, CFD4A55C8045C482F8D410514F3211AEFA00097AB395F5A04BFE983ED6254F6B ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
14:30:28.0780 0x0cd0 BasicDisplay - ok
14:30:28.0812 0x0cd0 [ 5EC68164E14D25675C98BBB5F09E8606, 1D7EDB21C87039FC5F39F46460AD852BC4EC6B179B1C205D189DD3C397343435 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
14:30:28.0843 0x0cd0 BasicRender - ok
14:30:29.0030 0x0cd0 [ 2FE2E0EBCDF1EF22A34B44CED1E59893, CAAF05E0F2ADE9057323FCDE4452DEF1911120BCC0854B8F447F9ACCA036FB86 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl63a.sys
14:30:29.0343 0x0cd0 BCM43XX - ok
14:30:29.0405 0x0cd0 [ 89143A7BA7850F5C7E61B43BB44B6418, 00BB781DF87D4FF1BAFD318AFE237296B4F5925023BA4486405EC0A384C88D8F ] BDESVC C:\Windows\System32\bdesvc.dll
14:30:29.0452 0x0cd0 BDESVC - ok
14:30:29.0499 0x0cd0 [ 9E7AEA59776D904607985AFFE7E5E183, C3DB745A9F4DA7CB9628A7913DD52B2444B14FEB9D588FF6558CF52CEB8955EB ] Beep C:\Windows\system32\drivers\Beep.sys
14:30:29.0530 0x0cd0 Beep - ok
14:30:29.0593 0x0cd0 [ 53AA55632B94622F2DC3695E86EF9363, 9B5BB8EDA48A37AE97BCD42D83B25A6D10AA6231EABE745DCCE6D60E19094A6F ] BFE C:\Windows\System32\bfe.dll
14:30:29.0671 0x0cd0 BFE - ok
14:30:29.0734 0x0cd0 [ D598C44A7072D3108D8D8102EC5E07F7, D7472E9BAAB7B6E1D30F4E153412E2A16EE5C08DE2BF8BFF4D65089825226FE0 ] BITS C:\Windows\System32\qmgr.dll
14:30:38.0812 0x0cd0 BITS - ok
14:30:38.0859 0x0cd0 [ B17AC10B47C7FCB44D22A1F06415840E, 990D6F629D93F4F913D218ACE5187A26DCB762BAFB2BB279CCE8CAF2755D85A5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:30:38.0937 0x0cd0 bowser - ok
14:30:38.0968 0x0cd0 [ 038FA1B55531E7020DB705B42FCCE373, 023E87E3204D64890D6FEA78E762E5BC5BD0A59325EBC264834727779EEEDBC5 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
14:30:39.0015 0x0cd0 BrokerInfrastructure - ok
14:30:39.0031 0x0cd0 [ 310068BDA80B1D55C36580FD8A873FAF, A75412FF1F483461F526E9A359DCEECA5E683441514464D5ED82D1A9740D583E ] Browser C:\Windows\System32\browser.dll
14:30:39.0078 0x0cd0 Browser - ok
14:30:39.0109 0x0cd0 [ 0E9B28782D0E5DE7C25207432B791B33, FE33E3B27BEED03922DB2565DECC0E12F8CD586B5060EE4A1A87FF99EEC77B22 ] bScsiMSa C:\Windows\System32\drivers\bScsiMSa.sys
14:30:39.0125 0x0cd0 bScsiMSa - ok
14:30:39.0125 0x0cd0 [ 8168FE3CA8C6C3F18137FF422F3C37DE, 5C0906D50D3585A2850316072FFC8726A70BCFBE7AFB17EE69A70A736125AD7A ] bScsiSDa C:\Windows\System32\drivers\bScsiSDa.sys
14:30:39.0140 0x0cd0 bScsiSDa - ok
14:30:39.0172 0x0cd0 BstHdDrv - ok
14:30:39.0203 0x0cd0 [ 6695200F455E251F0BCC9CE4D0978D59, 4DB2F967E449581A9330EF43E794B45B93581564B20C5B991FC1EC665A640D69 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
14:30:39.0218 0x0cd0 BthAvrcpTg - ok
14:30:39.0250 0x0cd0 [ 616EB8748C988AEE98D93DA141C3D3B4, 15A055B0496BDB29CBCF6EEBF112D4BA1C7A2FF39124728830D0FD1FD7A404CB ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
14:30:39.0297 0x0cd0 BthHFEnum - ok
14:30:39.0343 0x0cd0 [ DCB4EBD928A6FB368BE6CAE522412DE1, 9E1345F29467054689B9F48B5CCB567760D36610A4EA9AF41B829EAD60347269 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
14:30:39.0375 0x0cd0 bthhfhid - ok
14:30:39.0406 0x0cd0 [ 033916CE8784A848B9A3D686B7F66D97, B4D0514D59646CF6B70D4FA488CF95C38EA38CC5C509329CC8753E897C640AFA ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
14:30:39.0437 0x0cd0 BTHMODEM - ok
14:30:39.0468 0x0cd0 [ A4387C3D271959313E2577DB7BE8BA7A, C71474802102102EBE04DF036EEB2F5FB3380BE288E3842F19F234EFAE977D70 ] bthserv C:\Windows\system32\bthserv.dll
14:30:39.0484 0x0cd0 bthserv - ok
14:30:39.0687 0x0cd0 [ F9709CC185D19D73F036CF2E47B6DEA5, 9A811FF234EC256A3A9ACDE7CFA23D9797321010E70CA3C2824AB8BBF07B80C0 ] CCDMonitorService C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
14:30:39.0765 0x0cd0 CCDMonitorService - ok
14:30:39.0859 0x0cd0 [ E41F70406C34F1CB667B4B27D81AD162, 8869C7EB9CBF68B90640765D15DB5B8DACEF45025C1E580AA94D96E32560274B ] ccSet_NARA C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys
14:30:40.0156 0x0cd0 ccSet_NARA - ok
14:30:40.0203 0x0cd0 [ 990B1BABE6E81FB18E65A87EBEFB1772, 1820D4AC57E1D4B7FB5AA89C277B16910ED73712878D2B43FE542CE16DFE16C3 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:30:40.0250 0x0cd0 cdfs - ok
14:30:40.0281 0x0cd0 [ 339BFF85D788268752DA8C9644B188EE, C2279F1A39AED39865A5027D2FD087F8E82F3ED8C94BA4D922855B98E792AFC5 ] cdrom C:\Windows\System32\drivers\cdrom.sys
14:30:40.0312 0x0cd0 cdrom - ok
14:30:40.0343 0x0cd0 [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc C:\Windows\System32\certprop.dll
14:30:40.0375 0x0cd0 CertPropSvc - ok
14:30:40.0422 0x0cd0 [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass C:\Windows\System32\drivers\circlass.sys
14:30:40.0468 0x0cd0 circlass - ok
14:30:40.0515 0x0cd0 [ 9905168708DB68849B879B5548F68AB3, B7A495E57B9398704988DC472126CBC5B8D76761A34F51732FBF6CC88E3AB79A ] CLFS C:\Windows\system32\drivers\CLFS.sys
14:30:40.0547 0x0cd0 CLFS - ok
14:30:40.0578 0x0cd0 [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
14:30:40.0625 0x0cd0 CmBatt - ok
14:30:40.0672 0x0cd0 [ DBF9E5346431557BF56F41E7F8EC0DC1, D5FA34C873DA9BE40301D53198355556506AB5145B78B14D0AA88570A0058589 ] CNG C:\Windows\system32\Drivers\cng.sys
14:30:40.0703 0x0cd0 CNG - ok
14:30:40.0718 0x0cd0 [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
14:30:40.0750 0x0cd0 CompositeBus - ok
14:30:40.0765 0x0cd0 COMSysApp - ok
14:30:40.0781 0x0cd0 [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv C:\Windows\system32\drivers\condrv.sys
14:30:40.0828 0x0cd0 condrv - ok
14:30:40.0922 0x0cd0 [ 163D27BA7726237F0E320438F0ECB612, D269CEE44EF7AC7E9ED5B9A89AEE3CD08B82D7C5A89A99441ECE03CC8A0ED799 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
14:30:40.0953 0x0cd0 cphs - ok
14:30:41.0062 0x0cd0 [ 5CE2742F063731EC10C1B2EE386A2C08, 309919BDDD4649AFB95A99DCF8AFC3BAE10F9BC1E2819C0794CFD0F80682C223 ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:30:41.0078 0x0cd0 CryptSvc - ok
14:30:41.0125 0x0cd0 [ FAEF4C245BE832DB41B15DAAC336AFB7, 1F8C98AB0DF4327FCB01FE0356025488E19B48A45FFFA50576B49A8587FAC42B ] dam C:\Windows\system32\drivers\dam.sys
14:30:41.0140 0x0cd0 dam - ok
14:30:41.0187 0x0cd0 [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:30:41.0281 0x0cd0 DcomLaunch - ok
14:30:41.0312 0x0cd0 [ C8650D1F61149AA546BDBC99172EBBC1, D9592ED1B6F23B6EC76A0B93635B6E38702311B0A6982F0F9DEC37FCDAF1288B ] defragsvc C:\Windows\System32\defragsvc.dll
14:30:41.0344 0x0cd0 defragsvc - ok
14:30:41.0390 0x0cd0 [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\Windows\system32\das.dll
14:30:41.0422 0x0cd0 DeviceAssociationService - ok
14:30:41.0609 0x0cd0 [ 6EC5098678F3E8724A9F3E151031FEDE, 50D8BF9AC08497FA45C097186BD5C0E85C265DDC40A48491E78249BB7243649D ] DeviceFastLaneService C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
14:30:41.0703 0x0cd0 DeviceFastLaneService - ok
14:30:41.0734 0x0cd0 [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
14:30:41.0781 0x0cd0 DeviceInstall - ok
14:30:41.0797 0x0cd0 [ 431141C6859990824D17F71C30A78728, 448B3DC20C8FDD5B66217E0E01DBCC4904F94BDA0826F109D139DDD2C2D7FBF2 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
14:30:41.0828 0x0cd0 Dfsc - ok
14:30:41.0859 0x0cd0 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
14:30:41.0875 0x0cd0 dg_ssudbus - ok
14:30:41.0906 0x0cd0 [ 9E0E72222264745ADEB0E5AC680B0ED6, 576AFC8741695396A3B8E9DBDD3703E9D70370437D09D162262E47A140D101B4 ] Dhcp C:\Windows\system32\dhcpcore.dll
14:30:41.0984 0x0cd0 Dhcp - ok
14:30:42.0031 0x0cd0 [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache C:\Windows\system32\drivers\discache.sys
14:30:42.0062 0x0cd0 discache - ok
14:30:42.0109 0x0cd0 [ AE3786294CC246A5403783E1B86A0168, 29A7B4B490CBB16DAEF5D67D0A58A2577CF3FEE8F889484DB867F6913D9D2A28 ] disk C:\Windows\system32\drivers\disk.sys
14:30:42.0125 0x0cd0 disk - ok
14:30:42.0172 0x0cd0 [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
14:30:42.0219 0x0cd0 dmvsc - ok
14:30:42.0250 0x0cd0 [ 066B9710B36AB550E01EEFCA52155968, DCA9F3F4856A6866D3F5A2EEE34E96A83F40198DB0B5AC6381A7568DE1F56FAB ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:30:42.0312 0x0cd0 Dnscache - ok
14:30:42.0344 0x0cd0 [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc C:\Windows\System32\dot3svc.dll
14:30:42.0390 0x0cd0 dot3svc - ok
14:30:42.0406 0x0cd0 [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS C:\Windows\system32\dps.dll
14:30:42.0453 0x0cd0 DPS - ok
14:30:42.0484 0x0cd0 [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:30:42.0578 0x0cd0 drmkaud - ok
14:30:42.0656 0x0cd0 [ 7C685CB0AC7D4E998D213C8B84FA609F, C4D8D178987FA68BC2A8864CB84AAD47031B5956DECD74929C4ED36AE1F41470 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
14:30:42.0672 0x0cd0 DsiWMIService - ok
14:30:42.0719 0x0cd0 [ F87F4AAAF6664906248D11D5E579A53B, F283932F68ED93891EEF00C18724359AB7057E922A3CDC8BC6F33F84D2B0BEE5 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
14:30:42.0765 0x0cd0 DsmSvc - ok
14:30:43.0015 0x0cd0 [ 2BB5627EB587FA995086C3D8C21B6D3F, 871E35BBE66180781324D38823B74263B660CF9254EE348A15421FAC5667F294 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:30:43.0094 0x0cd0 DXGKrnl - ok
14:30:43.0140 0x0cd0 [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost C:\Windows\System32\eapsvc.dll
14:30:43.0172 0x0cd0 Eaphost - ok
14:30:43.0375 0x0cd0 [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv C:\Windows\system32\drivers\evbda.sys
14:30:43.0547 0x0cd0 ebdrv - ok
14:30:43.0562 0x0cd0 [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] EFS C:\Windows\System32\lsass.exe
14:30:43.0641 0x0cd0 EFS - ok
14:30:43.0719 0x0cd0 [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
14:30:43.0734 0x0cd0 EhStorClass - ok
14:30:43.0797 0x0cd0 [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
14:30:43.0875 0x0cd0 EhStorTcgDrv - ok
14:30:44.0141 0x0cd0 [ C9455140176A5D1F05FDA44E5F319856, 2FE7ED1C70BFF238F7EB5CFF76552F272A4C95449A8D5C264E340C46281C1F75 ] ePowerSvc C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
14:30:44.0172 0x0cd0 ePowerSvc - ok
14:30:44.0359 0x0cd0 [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev C:\Windows\System32\drivers\errdev.sys
14:30:44.0391 0x0cd0 ErrDev - ok
14:30:44.0484 0x0cd0 [ 2D055FAB756A79F5221ADF56EAE4CB3B, ED8D2CA2EDBD23C794C1B183DD2622A8273E5767D2417FF923A569D07C85773D ] ETD C:\Windows\system32\DRIVERS\ETD.sys
14:30:44.0500 0x0cd0 ETD - ok
14:30:44.0562 0x0cd0 [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem C:\Windows\system32\es.dll
14:30:44.0641 0x0cd0 EventSystem - ok
14:30:44.0687 0x0cd0 [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat C:\Windows\system32\drivers\exfat.sys
14:30:44.0750 0x0cd0 exfat - ok
14:30:44.0797 0x0cd0 [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:30:44.0812 0x0cd0 fastfat - ok
14:30:45.0016 0x0cd0 [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax C:\Windows\system32\fxssvc.exe
14:30:45.0172 0x0cd0 Fax - ok
14:30:45.0187 0x0cd0 [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc C:\Windows\System32\drivers\fdc.sys
14:30:45.0234 0x0cd0 fdc - ok
14:30:45.0266 0x0cd0 [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost C:\Windows\system32\fdPHost.dll
14:30:45.0312 0x0cd0 fdPHost - ok
14:30:45.0328 0x0cd0 [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub C:\Windows\system32\fdrespub.dll
14:30:45.0359 0x0cd0 FDResPub - ok
14:30:45.0391 0x0cd0 [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc C:\Windows\system32\fhsvc.dll
14:30:45.0437 0x0cd0 fhsvc - ok
14:30:45.0453 0x0cd0 [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:30:45.0469 0x0cd0 FileInfo - ok
14:30:45.0500 0x0cd0 [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:30:45.0531 0x0cd0 Filetrace - ok
14:30:45.0734 0x0cd0 [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:30:45.0781 0x0cd0 FLEXnet Licensing Service - ok
14:30:45.0813 0x0cd0 [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
14:30:45.0828 0x0cd0 flpydisk - ok
14:30:45.0859 0x0cd0 [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:30:45.0906 0x0cd0 FltMgr - ok
14:30:46.0000 0x0cd0 [ 0BCDC0FF11B984162B0CF0FF6E9E0146, D44A3CECBA36B7A64854E244FA6B5E65047896BF9983D20B431410FBBA36697A ] FontCache C:\Windows\system32\FntCache.dll
14:30:46.0109 0x0cd0 FontCache - ok
14:30:46.0172 0x0cd0 [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:30:46.0188 0x0cd0 FontCache3.0.0.0 - ok
14:30:46.0203 0x0cd0 [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:30:46.0219 0x0cd0 FsDepends - ok
14:30:46.0234 0x0cd0 [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:30:46.0250 0x0cd0 Fs_Rec - ok
14:30:46.0281 0x0cd0 [ C1646A95EAC515F60CDB2A7A8A013C1E, F559B83C02B17265EDE95DD497C1A94E402F07EC251FC47449F789907AFFED14 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:30:46.0328 0x0cd0 fvevol - ok
14:30:46.0359 0x0cd0 [ A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
14:30:46.0375 0x0cd0 FxPPM - ok
14:30:46.0391 0x0cd0 [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
14:30:46.0406 0x0cd0 gagp30kx - ok
14:30:46.0438 0x0cd0 [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
14:30:46.0453 0x0cd0 gencounter - ok
14:30:46.0484 0x0cd0 [ FC2B8B06BDBD3B6457F5A3DA9AD2410E, 4BF196E1CAC94E9265EBEB68F41C3E29F0C709ECFF9420B5B1C9C82680D5D6A8 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
14:30:46.0500 0x0cd0 GPIOClx0101 - ok
14:30:46.0563 0x0cd0 [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc C:\Windows\System32\gpsvc.dll
14:30:46.0656 0x0cd0 gpsvc - ok
14:30:46.0672 0x0cd0 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
14:30:46.0688 0x0cd0 gusvc - ok
14:30:46.0719 0x0cd0 [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:30:46.0750 0x0cd0 HdAudAddService - ok
14:30:46.0781 0x0cd0 [ 58CC013EFA9893057160EDA018D8ADCE, BE8AA220CFBD90202C1B130DF349C3198E3447F3C2DC7BC5FC8816F57F78BA00 ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
14:30:46.0813 0x0cd0 HDAudBus - ok
14:30:46.0859 0x0cd0 [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
14:30:46.0891 0x0cd0 HidBatt - ok
14:30:46.0953 0x0cd0 [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth C:\Windows\System32\drivers\hidbth.sys
14:30:47.0063 0x0cd0 HidBth - ok
14:30:47.0078 0x0cd0 [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
14:30:47.0109 0x0cd0 hidi2c - ok
14:30:47.0125 0x0cd0 [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr C:\Windows\System32\drivers\hidir.sys
14:30:47.0156 0x0cd0 HidIr - ok
14:30:47.0219 0x0cd0 [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv C:\Windows\system32\hidserv.dll
14:30:47.0250 0x0cd0 hidserv - ok
14:30:47.0266 0x0cd0 [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb C:\Windows\System32\drivers\hidusb.sys
14:30:47.0313 0x0cd0 HidUsb - ok
14:30:47.0328 0x0cd0 [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:30:47.0359 0x0cd0 hkmsvc - ok
14:30:47.0406 0x0cd0 [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:30:47.0438 0x0cd0 HomeGroupListener - ok
14:30:47.0484 0x0cd0 [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:30:47.0516 0x0cd0 HomeGroupProvider - ok
14:30:47.0547 0x0cd0 [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:30:47.0563 0x0cd0 HpSAMD - ok
14:30:47.0609 0x0cd0 [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:30:47.0703 0x0cd0 HTTP - ok
14:30:47.0719 0x0cd0 [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:30:47.0719 0x0cd0 hwpolicy - ok
14:30:47.0734 0x0cd0 [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
14:30:47.0750 0x0cd0 hyperkbd - ok
14:30:47.0766 0x0cd0 [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
14:30:47.0797 0x0cd0 HyperVideo - ok
14:30:47.0797 0x0cd0 [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
14:30:47.0813 0x0cd0 i8042prt - ok
14:30:47.0859 0x0cd0 [ 0FE66A51D81A25AACEAAE4C26308121D, C5553F7ABA74A8EB71A4ED0E8F2A6AA2892F871D164F2D4FADB035BE7D1A8C44 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys
14:30:47.0891 0x0cd0 iaStorA - ok
14:30:47.0922 0x0cd0 [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:30:47.0938 0x0cd0 iaStorV - ok
14:30:48.0234 0x0cd0 [ 11A31FC2481BFE69B0507ED8C80215F4, 8A1E90611F749E8F04B6D86E835E981CAC16D0841305CADB19E58682DA006698 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
14:30:48.0656 0x0cd0 igfx - ok
14:30:48.0703 0x0cd0 [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
14:30:48.0703 0x0cd0 iirsp - ok
14:30:48.0797 0x0cd0 [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT C:\Windows\System32\ikeext.dll
14:30:48.0875 0x0cd0 IKEEXT - ok
14:30:49.0110 0x0cd0 [ 9CC645EB9697AA4F2D5A39835C80A0A2, 39861B19E9BF17F5250D571996167A178606150B62C876529D3699817FDDC42A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:30:49.0281 0x0cd0 IntcAzAudAddService - ok
14:30:49.0313 0x0cd0 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
14:30:49.0328 0x0cd0 IntcDAud - ok
14:30:49.0391 0x0cd0 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
14:30:49.0406 0x0cd0 Intel(R) Capability Licensing Service Interface - ok
14:30:49.0422 0x0cd0 [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide C:\Windows\system32\drivers\intelide.sys
14:30:49.0438 0x0cd0 intelide - ok
14:30:49.0453 0x0cd0 [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm C:\Windows\System32\drivers\intelppm.sys
14:30:49.0485 0x0cd0 intelppm - ok
14:30:49.0516 0x0cd0 [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:30:49.0547 0x0cd0 IpFilterDriver - ok
14:30:49.0610 0x0cd0 [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:30:49.0860 0x0cd0 iphlpsvc - ok
14:30:49.0875 0x0cd0 [ A4071DA3AE419F9694BFCB267C7DB8D7, 392DEE1DA51606C29418A98D2861F115E9F67C688B4281C53E87BA73A98809FB ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
14:30:49.0922 0x0cd0 IPMIDRV - ok
14:30:49.0953 0x0cd0 [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:30:50.0000 0x0cd0 IPNAT - ok
14:30:50.0016 0x0cd0 [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:30:50.0047 0x0cd0 IRENUM - ok
14:30:50.0063 0x0cd0 [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:30:50.0078 0x0cd0 isapnp - ok
14:30:50.0110 0x0cd0 [ E6530FD4F61B40F338BF4355A21B9A09, FE9BF039B9901BEC260A69F7C49ACFA9881AD470DCCBA70C7EC36F518DA71702 ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
14:30:50.0141 0x0cd0 iScsiPrt - ok
14:30:50.0203 0x0cd0 [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
14:30:50.0219 0x0cd0 jhi_service - ok
14:30:50.0266 0x0cd0 [ CB30BC4ECF8B96BC090EC5DA09E9B17D, 82F4A3B076F16EB8A321E97E0AD6DE6DEE10A4C8A8F158DCB961EEA841781F63 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
14:30:50.0328 0x0cd0 k57nd60a - ok
14:30:50.0328 0x0cd0 [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
14:30:50.0344 0x0cd0 kbdclass - ok
14:30:50.0344 0x0cd0 [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
14:30:50.0375 0x0cd0 kbdhid - ok
14:30:50.0391 0x0cd0 [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
14:30:50.0422 0x0cd0 kdnic - ok
14:30:50.0438 0x0cd0 [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] KeyIso C:\Windows\system32\lsass.exe
14:30:50.0453 0x0cd0 KeyIso - ok
14:30:50.0500 0x0cd0 [ 8B3EB6372436195B8EA8AE09A184BCE2, 9AFB7A9D6AEEBF5994C85B355155024768116E2D537C9FA169BC3F4594ECD35C ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:30:50.0516 0x0cd0 KSecDD - ok
14:30:50.0531 0x0cd0 [ 3DD9C86EA88E8B5A51904AD87E1F2E78, F9EC9A571212117C01934CD29057EB1B3FA095F670294244AF7D9387D3F6E555 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:30:50.0547 0x0cd0 KSecPkg - ok
14:30:50.0578 0x0cd0 [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:30:50.0594 0x0cd0 ksthunk - ok
14:30:50.0625 0x0cd0 [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm C:\Windows\system32\msdtckrm.dll
14:30:50.0672 0x0cd0 KtmRm - ok
14:30:50.0938 0x0cd0 [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:30:50.0985 0x0cd0 LanmanServer - ok
14:30:51.0016 0x0cd0 [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:30:51.0078 0x0cd0 LanmanWorkstation - ok
14:30:51.0094 0x0cd0 [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:30:51.0125 0x0cd0 lltdio - ok
14:30:51.0141 0x0cd0 [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:30:51.0188 0x0cd0 lltdsvc - ok
14:30:51.0203 0x0cd0 [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:30:51.0235 0x0cd0 lmhosts - ok
14:30:51.0266 0x0cd0 [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:30:51.0282 0x0cd0 LMS - ok
14:30:51.0328 0x0cd0 [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
14:30:51.0344 0x0cd0 LSI_SAS - ok
14:30:51.0360 0x0cd0 [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
14:30:51.0375 0x0cd0 LSI_SAS2 - ok
14:30:51.0391 0x0cd0 [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
14:30:51.0407 0x0cd0 LSI_SCSI - ok
14:30:51.0438 0x0cd0 [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
14:30:51.0438 0x0cd0 LSI_SSS - ok
14:30:51.0485 0x0cd0 [ 1DC9B701F8EB7D67774035AC9C3104F6, 77371267CDA605F78674BF8FA14B134B22299CD96EADA60A68762207595F0B46 ] LSM C:\Windows\System32\lsm.dll
14:30:51.0547 0x0cd0 LSM - ok
14:30:51.0578 0x0cd0 [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv C:\Windows\system32\drivers\luafv.sys
14:30:51.0594 0x0cd0 luafv - ok
14:30:51.0625 0x0cd0 [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas C:\Windows\system32\drivers\megasas.sys
14:30:51.0641 0x0cd0 megasas - ok
14:30:51.0672 0x0cd0 [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
14:30:51.0688 0x0cd0 MegaSR - ok
14:30:51.0719 0x0cd0 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\System32\drivers\HECIx64.sys
14:30:51.0735 0x0cd0 MEIx64 - ok
14:30:51.0766 0x0cd0 [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS C:\Windows\system32\mmcss.dll
14:30:51.0782 0x0cd0 MMCSS - ok
14:30:51.0797 0x0cd0 [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem C:\Windows\system32\drivers\modem.sys
14:30:51.0828 0x0cd0 Modem - ok
14:30:51.0860 0x0cd0 [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor C:\Windows\System32\drivers\monitor.sys
14:30:51.0875 0x0cd0 monitor - ok
14:30:51.0922 0x0cd0 [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass C:\Windows\System32\drivers\mouclass.sys
14:30:51.0922 0x0cd0 mouclass - ok
14:30:51.0953 0x0cd0 [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid C:\Windows\System32\drivers\mouhid.sys
14:30:52.0000 0x0cd0 mouhid - ok
14:30:52.0032 0x0cd0 [ E7E9DBFDD3F25ED0C05B99AE9FA18BDE, 6D0204BA271FD3262DAE6E6BF9C12C0D49E3C9AF40EB1E072BD5CA5E2B8598D5 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:30:52.0047 0x0cd0 mountmgr - ok
14:30:52.0078 0x0cd0 [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:30:52.0110 0x0cd0 mpsdrv - ok
14:30:52.0141 0x0cd0 [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:30:52.0203 0x0cd0 MpsSvc - ok
14:30:52.0250 0x0cd0 [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:30:52.0266 0x0cd0 MRxDAV - ok
14:30:52.0297 0x0cd0 [ 7A761AEE58658378BBA45D360F874CB0, 31972E63D93E07D92EF69571B7ED1E69B1358DCA5BEED62A9372F6411B4DFDB3 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:30:52.0375 0x0cd0 mrxsmb - ok
14:30:52.0407 0x0cd0 [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:30:52.0438 0x0cd0 mrxsmb10 - ok
14:30:52.0469 0x0cd0 [ 697B78CE3925E4FBFC544232A5E9E2EB, 2D03425513572F6098BAAF82C0EDB49EBAB88438971D349CA1917DA0BDB76334 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:30:52.0485 0x0cd0 mrxsmb20 - ok
14:30:52.0516 0x0cd0 [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
14:30:52.0547 0x0cd0 MsBridge - ok
14:30:52.0578 0x0cd0 [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC C:\Windows\System32\msdtc.exe
14:30:52.0594 0x0cd0 MSDTC - ok
14:30:52.0610 0x0cd0 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:30:52.0625 0x0cd0 Msfs - ok
14:30:52.0657 0x0cd0 [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
14:30:52.0672 0x0cd0 msgpiowin32 - ok
14:30:52.0704 0x0cd0 [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:30:52.0719 0x0cd0 mshidkmdf - ok
14:30:52.0719 0x0cd0 [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
14:30:52.0750 0x0cd0 mshidumdf - ok
14:30:52.0782 0x0cd0 [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:30:52.0782 0x0cd0 msisadrv - ok
14:30:52.0813 0x0cd0 [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:30:52.0844 0x0cd0 MSiSCSI - ok
14:30:52.0844 0x0cd0 msiserver - ok
14:30:52.0860 0x0cd0 [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:30:52.0907 0x0cd0 MSKSSRV - ok
14:30:52.0922 0x0cd0 [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
14:30:52.0954 0x0cd0 MsLldp - ok
14:30:52.0969 0x0cd0 [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:30:53.0000 0x0cd0 MSPCLOCK - ok
14:30:53.0000 0x0cd0 [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:30:53.0032 0x0cd0 MSPQM - ok
14:30:53.0063 0x0cd0 [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:30:53.0079 0x0cd0 MsRPC - ok
14:30:53.0110 0x0cd0 [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
14:30:53.0110 0x0cd0 mssmbios - ok
14:30:53.0125 0x0cd0 [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:30:53.0141 0x0cd0 MSTEE - ok
14:30:53.0141 0x0cd0 [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
14:30:53.0172 0x0cd0 MTConfig - ok
14:30:53.0188 0x0cd0 [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup C:\Windows\system32\Drivers\mup.sys
14:30:53.0204 0x0cd0 Mup - ok
14:30:53.0235 0x0cd0 [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis C:\Windows\system32\drivers\mvumis.sys
14:30:53.0235 0x0cd0 mvumis - ok
14:30:53.0250 0x0cd0 mwlPSDFilter - ok
14:30:53.0297 0x0cd0 [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent C:\Windows\system32\qagentRT.dll
14:30:53.0344 0x0cd0 napagent - ok
14:30:53.0375 0x0cd0 [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:30:53.0422 0x0cd0 NativeWifiP - ok
14:30:53.0454 0x0cd0 [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc C:\Windows\System32\ncasvc.dll
14:30:53.0469 0x0cd0 NcaSvc - ok
14:30:53.0485 0x0cd0 [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
14:30:53.0516 0x0cd0 NcdAutoSetup - ok
14:30:53.0579 0x0cd0 [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS C:\Windows\system32\drivers\ndis.sys
14:30:53.0625 0x0cd0 NDIS - ok
14:30:53.0657 0x0cd0 [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:30:53.0704 0x0cd0 NdisCap - ok
14:30:53.0719 0x0cd0 [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
14:30:53.0735 0x0cd0 NdisImPlatform - ok
14:30:53.0766 0x0cd0 [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:30:53.0782 0x0cd0 NdisTapi - ok
14:30:53.0797 0x0cd0 [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:30:53.0829 0x0cd0 Ndisuio - ok
14:30:53.0844 0x0cd0 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:30:53.0875 0x0cd0 NdisWan - ok
14:30:53.0875 0x0cd0 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY C:\Windows\system32\DRIVERS\ndiswan.sys
14:30:53.0891 0x0cd0 NDISWANLEGACY - ok
14:30:53.0922 0x0cd0 [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:30:53.0938 0x0cd0 NDProxy - ok
14:30:53.0954 0x0cd0 [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu C:\Windows\system32\drivers\Ndu.sys
14:30:53.0969 0x0cd0 Ndu - ok
14:30:53.0985 0x0cd0 [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:30:54.0016 0x0cd0 NetBIOS - ok
14:30:54.0032 0x0cd0 [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:30:54.0063 0x0cd0 NetBT - ok
14:30:54.0079 0x0cd0 [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] Netlogon C:\Windows\system32\lsass.exe
14:30:54.0094 0x0cd0 Netlogon - ok
14:30:54.0141 0x0cd0 [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman C:\Windows\System32\netman.dll
14:30:54.0188 0x0cd0 Netman - ok
14:30:54.0219 0x0cd0 [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm C:\Windows\System32\netprofmsvc.dll
14:30:54.0266 0x0cd0 netprofm - ok
14:30:54.0329 0x0cd0 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:30:54.0375 0x0cd0 NetTcpPortSharing - ok
14:30:54.0391 0x0cd0 [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:30:54.0407 0x0cd0 nfrd960 - ok
14:30:54.0454 0x0cd0 [ 80ABCD4C2DE9FD832477303AE0CA3BE5, 98F3958E650CEB1006D92980503E1B176D2CA55D2A6742C1C27CDE829D137DA9 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:30:54.0500 0x0cd0 NlaSvc - ok
14:30:54.0657 0x0cd0 [ EC6B98656770A0441C14BB86FEFC90AE, 47201FCC207F7AD212E65F4EA6BCDF74D60F6D83EB1C80EA4AAE16CCA36B9235 ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
14:30:54.0766 0x0cd0 NOBU - ok
14:30:54.0813 0x0cd0 [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:30:54.0829 0x0cd0 Npfs - ok
14:30:54.0860 0x0cd0 [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
14:30:54.0891 0x0cd0 npsvctrig - ok
14:30:54.0922 0x0cd0 [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi C:\Windows\system32\nsisvc.dll
14:30:54.0938 0x0cd0 nsi - ok
14:30:54.0938 0x0cd0 [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:30:54.0969 0x0cd0 nsiproxy - ok
14:30:55.0063 0x0cd0 [ 7BE3EDFFA3216F989A6BDCB14795DD08, 19A2D0120C46CA9BCFBC16DC3E65687ACDDCBA33B79128188652BA2AFAA2EE2F ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:30:55.0157 0x0cd0 Ntfs - ok
14:30:55.0204 0x0cd0 [ FF472A7055E765498AE52564B1503C3F, 89A6E603238F854AA20F9E8EA4A4D4E281B95ED941A087B7E48FE961D1052CBA ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
14:30:55.0219 0x0cd0 NTI IScheduleSvc - ok
14:30:55.0251 0x0cd0 [ 710263B44C1D1AEE07525A53401FBE48, 9E30D956099F42A7F8125664E671AEE49A6EDE0C2B717EC9B4488556A386FA21 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
14:30:55.0266 0x0cd0 NTIDrvr - ok
14:30:55.0282 0x0cd0 [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null C:\Windows\system32\drivers\Null.sys
14:30:55.0313 0x0cd0 Null - ok
14:30:55.0751 0x0cd0 [ 5104BAC2DA2A5BDD86AC6B0708B00F06, A02501514F8517CB5A6CFE4352A3D0F864153470015589428A6B14477E791514 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:30:56.0235 0x0cd0 nvlddmkm - ok
14:30:56.0282 0x0cd0 [ 918841B2454F4F2BD94479692079490B, 16667315DE4EB5543E176273362791B157223E775ED1CF285330CC8195E0F1BB ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
14:30:56.0282 0x0cd0 nvpciflt - ok
14:30:56.0298 0x0cd0 [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:30:56.0391 0x0cd0 nvraid - ok
14:30:56.0438 0x0cd0 [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:30:56.0454 0x0cd0 nvstor - ok
14:30:56.0516 0x0cd0 [ DDFAFCE89A5C93D04712B86F94E9FCBA, 377303D4CAC9E3AD5B58894CF7AECDA4FCD3D721568BE8BACC0A897A0956919A ] nvsvc C:\Windows\system32\nvvsvc.exe
14:30:56.0548 0x0cd0 nvsvc - ok
14:30:56.0641 0x0cd0 [ 249357999355A998AA94A3673C3367EB, D33A231EB1B09A838446CE7C4A057CF0DE7C1C62639703EB920BA554EB8A4E0B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:30:56.0673 0x0cd0 nvUpdatusService - ok
14:30:56.0704 0x0cd0 [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:30:56.0719 0x0cd0 nv_agp - ok
14:30:56.0845 0x0cd0 [ 4E2D0656946F2A19FED1C60E0E4FC1AF, 5551D5BD89EB650C5485BBB58DAA5473044B7C967B72687A27430FA9A1E812FE ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
14:30:56.0938 0x0cd0 Origin Client Service - ok
14:30:56.0970 0x0cd0 [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:30:57.0032 0x0cd0 p2pimsvc - ok
14:30:57.0079 0x0cd0 [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc C:\Windows\system32\p2psvc.dll
14:30:57.0126 0x0cd0 p2psvc - ok
14:30:57.0157 0x0cd0 [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport C:\Windows\System32\drivers\parport.sys
14:30:57.0173 0x0cd0 Parport - ok
14:30:57.0204 0x0cd0 [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:30:57.0220 0x0cd0 partmgr - ok
14:30:57.0266 0x0cd0 [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:30:57.0313 0x0cd0 PcaSvc - ok
14:30:57.0345 0x0cd0 [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci C:\Windows\system32\drivers\pci.sys
14:30:57.0360 0x0cd0 pci - ok
14:30:57.0391 0x0cd0 [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide C:\Windows\system32\drivers\pciide.sys
14:30:57.0407 0x0cd0 pciide - ok
14:30:57.0423 0x0cd0 [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:30:57.0438 0x0cd0 pcmcia - ok
14:30:57.0454 0x0cd0 [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw C:\Windows\system32\drivers\pcw.sys
14:30:57.0470 0x0cd0 pcw - ok
14:30:57.0485 0x0cd0 [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc C:\Windows\system32\drivers\pdc.sys
14:30:57.0501 0x0cd0 pdc - ok
14:30:57.0548 0x0cd0 [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:30:57.0641 0x0cd0 PEAUTH - ok
14:30:57.0735 0x0cd0 [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:30:57.0782 0x0cd0 PerfHost - ok
14:30:58.0001 0x0cd0 [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla C:\Windows\system32\pla.dll
14:30:58.0095 0x0cd0 pla - ok
14:30:58.0126 0x0cd0 [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:30:58.0141 0x0cd0 PlugPlay - ok
14:30:58.0157 0x0cd0 [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:30:58.0188 0x0cd0 PNRPAutoReg - ok
14:30:58.0204 0x0cd0 [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:30:58.0235 0x0cd0 PNRPsvc - ok
14:30:58.0282 0x0cd0 [ 0108C8E5176D590F242701EF5A62CC26, 3A72F5D4402663B7445F6B3C55F01E83A619B6192F7D3CC2DE3C57F9F50D5A2D ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:30:58.0313 0x0cd0 PolicyAgent - ok
14:30:58.0345 0x0cd0 [ F1E067F56373F11EA4B785CAE823740A, 69BD30E64DA17595FF29C9C9FF9AD4F2F4BE29B688FBAC9DABB2FA9D13A47FF0 ] Power C:\Windows\system32\umpo.dll
14:30:58.0391 0x0cd0 Power - ok
14:30:58.0438 0x0cd0 [ 362D47E5B4D67270DE4B8606036F4ADD, 716E229C68D91AEA5B5629F60133D5CBDC0C95ABA54D9DC6264E923CAF4DC6C0 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:30:58.0485 0x0cd0 PptpMiniport - ok
14:30:58.0610 0x0cd0 [ 9D59831262CAD44E709D695FC9D5E7AB, F95C5475F91DA667C8D5C96253944CE8A0F2C9B1ED4DF8703E5D1D47A0C730B5 ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
14:30:58.0766 0x0cd0 PrintNotify - ok
14:30:58.0813 0x0cd0 [ DD979EB6A7212F60E4AFBE96EDC7AE6D, BC681D64C5B8F08FD4613D71111853FCD5B05E4BD127D2C6258BAED7627105BE ] Processor C:\Windows\System32\drivers\processr.sys
14:30:58.0845 0x0cd0 Processor - ok
14:30:58.0860 0x0cd0 [ 429E8502AD2227CF88F8840FC5BD590D, A186DA46C083580ACEDE9C7E3156865034302CD803140EEEC8E1DE16DA4BC99B ] ProfSvc C:\Windows\system32\profsvc.dll
14:30:58.0907 0x0cd0 ProfSvc - ok
14:30:58.0923 0x0cd0 [ AF038FA3D3748B7595FE7096AD803696, 55263B2424BE1F59F16050C8A0A3B16B2A3A4C212051170DE8A49AC387BE1386 ] Ps2Kb2Hid C:\Windows\System32\drivers\aPs2Kb2Hid.sys
14:30:58.0938 0x0cd0 Ps2Kb2Hid - ok
14:30:58.0954 0x0cd0 [ EB8034147D4820CD31BFCB11A2A652DF, B10B5E16B7A05D2DB2D5D1945B6146DE15EEDE2C778772A59F104706B5145E46 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:30:58.0985 0x0cd0 Psched - ok
14:30:59.0017 0x0cd0 [ 0AFBF333B6F87A2F598EAB379AF100B8, D11F3A4D7E4463B62E2DBDE5FC61425B1FDFB07DD1A19BC001D479CA1F554510 ] QWAVE C:\Windows\system32\qwave.dll
14:30:59.0063 0x0cd0 QWAVE - ok
14:30:59.0079 0x0cd0 [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:30:59.0110 0x0cd0 QWAVEdrv - ok
14:30:59.0126 0x0cd0 [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:30:59.0141 0x0cd0 RasAcd - ok
14:30:59.0173 0x0cd0 [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:30:59.0188 0x0cd0 RasAgileVpn - ok
14:30:59.0220 0x0cd0 [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto C:\Windows\System32\rasauto.dll
14:30:59.0251 0x0cd0 RasAuto - ok
14:30:59.0267 0x0cd0 [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:30:59.0298 0x0cd0 Rasl2tp - ok
14:30:59.0329 0x0cd0 [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan C:\Windows\System32\rasmans.dll
14:30:59.0392 0x0cd0 RasMan - ok
14:30:59.0392 0x0cd0 [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:30:59.0423 0x0cd0 RasPppoe - ok
14:30:59.0438 0x0cd0 [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:30:59.0454 0x0cd0 RasSstp - ok
14:30:59.0501 0x0cd0 [ CA03D642ACE58E1BA54E4B383F91CD69, 39BB942603801CF11FBEA28E24F8C8D1EF2AF615D1FABF951683A015D6A6EF37 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:30:59.0563 0x0cd0 rdbss - ok
14:30:59.0579 0x0cd0 [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
14:30:59.0595 0x0cd0 rdpbus - ok
14:30:59.0610 0x0cd0 [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
14:30:59.0657 0x0cd0 RDPDR - ok
14:30:59.0688 0x0cd0 [ 57F4787E4602A3FCA719C0A33137C6DA, D03AE59A184EB5D126F8EAB9D36EE406ABB8B9ED834F2D2496DDB1349FF56F89 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:30:59.0704 0x0cd0 RdpVideoMiniport - ok
14:30:59.0720 0x0cd0 [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:30:59.0735 0x0cd0 RDPWD - ok
14:30:59.0767 0x0cd0 [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:30:59.0782 0x0cd0 rdyboost - ok
14:30:59.0829 0x0cd0 [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:30:59.0860 0x0cd0 RemoteAccess - ok
14:30:59.0892 0x0cd0 [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:30:59.0939 0x0cd0 RemoteRegistry - ok
14:30:59.0970 0x0cd0 [ CF59781FCB68F859EB6C835ED285211D, E979014C07BF45F4F27E4433ED6B8FA618E4416CB01075FBF52CB2536EC63984 ] RfButtonDriverService C:\Windows\RfBtnSvc64.exe
14:30:59.0970 0x0cd0 RfButtonDriverService - ok
14:31:00.0001 0x0cd0 [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:31:00.0048 0x0cd0 RpcEptMapper - ok
14:31:00.0079 0x0cd0 [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator C:\Windows\system32\locator.exe
14:31:00.0110 0x0cd0 RpcLocator - ok
14:31:00.0173 0x0cd0 [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs C:\Windows\system32\rpcss.dll
14:31:00.0220 0x0cd0 RpcSs - ok
14:31:00.0251 0x0cd0 [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:31:00.0267 0x0cd0 rspndr - ok
14:31:00.0282 0x0cd0 [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
14:31:00.0298 0x0cd0 s3cap - ok
14:31:00.0314 0x0cd0 [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] SamSs C:\Windows\system32\lsass.exe
14:31:00.0329 0x0cd0 SamSs - ok
14:31:00.0345 0x0cd0 [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:31:00.0360 0x0cd0 sbp2port - ok
14:31:00.0376 0x0cd0 [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:31:00.0423 0x0cd0 SCardSvr - ok
14:31:00.0454 0x0cd0 [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:31:00.0470 0x0cd0 scfilter - ok
14:31:00.0532 0x0cd0 [ 201C397A73DFEE109490F4BA1168CFC2, 74FC2A30CBF2E2197E75860A3B308CDCBEB3C28794ABED388B493505A2D84BAA ] Schedule C:\Windows\system32\schedsvc.dll
14:31:00.0657 0x0cd0 Schedule - ok
14:31:00.0673 0x0cd0 [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] SCPolicySvc C:\Windows\System32\certprop.dll
14:31:00.0704 0x0cd0 SCPolicySvc - ok
14:31:00.0736 0x0cd0 [ F58B030A0664385C707B8C1C63682041, E46AADAA2CD687B9A4B564DC5B002493C8480542588E660BC3DF89EAF9DB0427 ] sdbus C:\Windows\System32\drivers\sdbus.sys
14:31:00.0751 0x0cd0 sdbus - ok
14:31:00.0783 0x0cd0 [ 92968277ED491E4B3DDA361E3952361E, 71C50853BB2126A34C7CD014EE44D4B8B39F589E2E8E8E8F4C982E07498E3899 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:31:00.0830 0x0cd0 SDRSVC - ok
14:31:00.0845 0x0cd0 [ BB107AA9980B0DA4E19A3A90C3BD4460, BCB4CF0FFF1FD57302557B68044A88C8EEAAE57C2FEAE8EAD1F410F960298B6D ] sdstor C:\Windows\System32\drivers\sdstor.sys
14:31:00.0861 0x0cd0 sdstor - ok
14:31:00.0908 0x0cd0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:31:00.0939 0x0cd0 secdrv - ok
14:31:00.0955 0x0cd0 [ CD282626738B6BC92B6E7CD0AAE95B63, 1A56567C781786C85C63E24E79186EE5C82D3EB2679061B21BA0571A3A6CB7F5 ] seclogon C:\Windows\system32\seclogon.dll
14:31:00.0986 0x0cd0 seclogon - ok
14:31:01.0017 0x0cd0 [ 9C51620998F0763039DFA6BF68E475ED, 9E496ADE7CE9A446BE8A2C2FC61B462D966778A94A4C147AABBD25C4821C2BCE ] SENS C:\Windows\System32\sens.dll
14:31:01.0048 0x0cd0 SENS - ok
14:31:01.0080 0x0cd0 [ 0D50B4B860DAB65241628D04CD33ACAE, 2AA897C3F9ED076AB9244A32745D18489B076F3ED28A35B868C472131C5B5B46 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:31:01.0111 0x0cd0 SensrSvc - ok
14:31:01.0142 0x0cd0 [ 87C46B239A7EEF30FDFDD5E9BD46130C, F36FB5B20AC58FBD31F7E636059D2D865B751E178E51A03B94ABE0BBD1AB1EC9 ] SerCx C:\Windows\system32\drivers\SerCx.sys
14:31:01.0158 0x0cd0 SerCx - ok
14:31:01.0205 0x0cd0 [ 7A1F9347C85FD55E39B8A76B3A25C5AD, 03AF3B23285278A38F4CBEAB7FD326A48FA1EC7F8D044C059CE5403C6D225639 ] Serenum C:\Windows\System32\drivers\serenum.sys
14:31:01.0236 0x0cd0 Serenum - ok
14:31:01.0251 0x0cd0 [ F640A0A218BBF857F1D04A15D7D939F6, 948C13886281FE7947E10FB7B34D5CCFE512FB632F1132B6062AC85149F79950 ] Serial C:\Windows\System32\drivers\serial.sys
14:31:01.0267 0x0cd0 Serial - ok
14:31:01.0283 0x0cd0 [ F1A5F56B2620B862CC28FF96A0A6DAAB, E5367212B2CADF3820D657CFC27CD961547E28DAB950C68E1380CF97FB68F3F4 ] sermouse C:\Windows\System32\drivers\sermouse.sys
14:31:01.0298 0x0cd0 sermouse - ok
14:31:01.0345 0x0cd0 [ CB60A60340788C8D6DE2A269D28086AB, 2D8948E59BB9B00E16D20E425F80E7B862957DBAC9A4D1484E5191FAF333B60D ] SessionEnv C:\Windows\system32\sessenv.dll
14:31:01.0392 0x0cd0 SessionEnv - ok
14:31:01.0408 0x0cd0 [ 7EE65419B29302C795714FF8073969A1, E28D89A5423E3A5062030EB2418E9435DD5D8B9D16570046E782D3FCFDA2E79A ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
14:31:01.0423 0x0cd0 sfloppy - ok
14:31:01.0455 0x0cd0 [ 090AE16F79C8EAD04E6031F863DA85F3, 3F27BE46DF602B53940414A6E9FEB23B36CFFB8E9A7F41440C3315B8E27D0029 ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:31:01.0501 0x0cd0 SharedAccess - ok
14:31:01.0548 0x0cd0 [ A77F3ABE13FCC698511E5DEC7ACEBD5F, 78A43FDA9F770FD8BA107605DB44BC71D8B89D7E75560DA783AA6356C1873C15 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:31:01.0611 0x0cd0 ShellHWDetection - ok
14:31:01.0642 0x0cd0 [ 2560721D6F16D5B611C36A3A9D28C1B2, 15C30404902654ABA5DB5367FC5BD31343B12A3FC22B4BC5A26B09016447B5ED ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
14:31:01.0642 0x0cd0 SiSRaid2 - ok
14:31:01.0674 0x0cd0 [ 3AA8FDE1DBF65BB8B88B053529554A0D, 8060D946344D043D336F4735363C23C37C91A6DB3F81E575C267B2EC2BECB0EC ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:31:01.0689 0x0cd0 SiSRaid4 - ok
14:31:01.0705 0x0cd0 [ E660156A4588A84305CB772FD2C0DB21, 9492EB6578D4A689945E1FC2440EFA77D461049CDB2D00A645969A71B7DA68E1 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:31:01.0736 0x0cd0 SNMPTRAP - ok
14:31:01.0783 0x0cd0 [ 9110193D93960E38B8692E4519C75D72, 789381B4CCC056EE431E78E2339AC9802264A1CE4B378DDA9769649664C9A7A0 ] spaceport C:\Windows\system32\drivers\spaceport.sys
14:31:01.0799 0x0cd0 spaceport - ok
14:31:01.0814 0x0cd0 [ 3D8679C8DF52EB26EB7583A4E0A29202, DCD9B69299275857712AB200C014AE820C8A9F7E53C4A335A84518FBE4BB56BB ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
14:31:01.0830 0x0cd0 SpbCx - ok
14:31:01.0861 0x0cd0 [ 3F215BF2D4D8D6756298B25B579772C2, 744192D1635E5D296BFD399E870B70592202CEAF95C31C2D2B226A868D33A3FD ] Spooler C:\Windows\System32\spoolsv.exe
14:31:02.0049 0x0cd0 Spooler - ok
14:31:02.0283 0x0cd0 [ 061A977C920FBE4BF71FF47C966DDDCA, 746516396B72E4ADB05D978C819CD45FE44EE194756F6DA50121D755439CA590 ] sppsvc C:\Windows\system32\sppsvc.exe
14:31:02.0517 0x0cd0 sppsvc - ok
14:31:02.0564 0x0cd0 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E ] srv C:\Windows\system32\DRIVERS\srv.sys
14:31:02.0611 0x0cd0 srv - ok
14:31:02.0658 0x0cd0 [ 8504ADDE9C146C6295B16D13A0007560, 715E3752AE4A276FA8DAFA3B52B699C45D97E747CB25FE4AE307241D206319B7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:31:02.0721 0x0cd0 srv2 - ok
14:31:02.0752 0x0cd0 [ BB0F9E19C5CE4DC765B263E2A5561DE1, F7DBC96E049625E4312D8F588FCF2B4AC6318C04D04758982FE9B51DABEC2DAE ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:31:02.0767 0x0cd0 srvnet - ok
14:31:02.0830 0x0cd0 [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:31:02.0861 0x0cd0 SSDPSRV - ok
14:31:02.0877 0x0cd0 [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747 ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:31:02.0908 0x0cd0 SstpSvc - ok
14:31:02.0955 0x0cd0 [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
14:31:02.0971 0x0cd0 ssudmdm - ok
14:31:02.0986 0x0cd0 [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE ] stexstor C:\Windows\system32\drivers\stexstor.sys
14:31:03.0002 0x0cd0 stexstor - ok
14:31:03.0049 0x0cd0 [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8 ] stisvc C:\Windows\System32\wiaservc.dll
14:31:03.0111 0x0cd0 stisvc - ok
14:31:03.0143 0x0cd0 [ B240874B2CA0CD02E8CD11E140B14C57, 0FDBEE3DB644175A30065CAF020F375703ADC45A33221788C010F3111707FC25 ] storahci C:\Windows\system32\drivers\storahci.sys
14:31:03.0158 0x0cd0 storahci - ok
14:31:03.0174 0x0cd0 [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
14:31:03.0174 0x0cd0 storflt - ok
14:31:03.0205 0x0cd0 [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F ] StorSvc C:\Windows\system32\storsvc.dll
14:31:03.0252 0x0cd0 StorSvc - ok
14:31:03.0299 0x0cd0 [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E ] storvsc C:\Windows\system32\drivers\storvsc.sys
14:31:03.0299 0x0cd0 storvsc - ok
14:31:03.0330 0x0cd0 [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0 ] svsvc C:\Windows\system32\svsvc.dll
14:31:03.0361 0x0cd0 svsvc - ok
14:31:03.0377 0x0cd0 [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF ] swenum C:\Windows\System32\drivers\swenum.sys
14:31:03.0393 0x0cd0 swenum - ok
14:31:03.0439 0x0cd0 [ 502F9488540051F3E6C39889ECFA76BB, 22ABD681BE4CF8A1F484C6363C1334B1EF7A6C074D837B0121DE1896887B84C6 ] swprv C:\Windows\System32\swprv.dll
14:31:03.0518 0x0cd0 swprv - ok
14:31:03.0596 0x0cd0 [ A06CB9269D29EE3D0F3F5630ABB660B8, 519A01FC7D9414B26CCBC23E7FB1CEAF1C91CD173B4F4A4025F8316B7460C584 ] SysMain C:\Windows\system32\sysmain.dll
14:31:03.0689 0x0cd0 SysMain - ok
14:31:03.0721 0x0cd0 [ 6FB88606C4A71E1BFAF97D63A676C673, D72F93A482E989ACA50F9647B7AD699A4656AEAACF377BB2B8CEBB094B748852 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
14:31:03.0768 0x0cd0 SystemEventsBroker - ok
14:31:03.0799 0x0cd0 [ A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F ] TabletInputService C:\Windows\System32\TabSvc.dll
14:31:03.0830 0x0cd0 TabletInputService - ok
14:31:03.0861 0x0cd0 [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:31:03.0908 0x0cd0 TapiSrv - ok
14:31:04.0002 0x0cd0 [ 0E0C16EE82E2F4EBC2FBCA24C8F00D9E, F8B2A0257442E00C5D7C5A15BBD84194D0F0C071424656CA4B8EC850B6898D10 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:31:04.0111 0x0cd0 Tcpip - ok
14:31:04.0189 0x0cd0 [ 0E0C16EE82E2F4EBC2FBCA24C8F00D9E, F8B2A0257442E00C5D7C5A15BBD84194D0F0C071424656CA4B8EC850B6898D10 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:31:04.0268 0x0cd0 TCPIP6 - ok
14:31:04.0299 0x0cd0 [ 8F2A13A5DF99D72FDDE87F502A66F989, 2228C62ACDB4CBBFDD2BE705E604E0B9A8AEA7146F65F2D8B9B2A2FB49ACFAE1 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:31:04.0330 0x0cd0 tcpipreg - ok
14:31:04.0346 0x0cd0 [ 73DC722CE5DF26D7638CE2446F2655C7, 9B8E6F6DEA5E0C2AEAC24A31897D2E73F86EF44F1C25FEF82D2C860353793817 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:31:04.0377 0x0cd0 tdx - ok
14:31:04.0393 0x0cd0 [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt C:\Windows\System32\drivers\terminpt.sys
14:31:04.0393 0x0cd0 terminpt - ok
14:31:04.0439 0x0cd0 [ 541EE228D0DEF392F7B2DFD885DD021B, 594D6538FA4DB5EF4D130007D7C29051EC2EDCA39EBB119695B58E9CBB0EB728 ] TermService C:\Windows\System32\termsrv.dll
14:31:04.0502 0x0cd0 TermService - ok
14:31:04.0518 0x0cd0 [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes C:\Windows\system32\themeservice.dll
14:31:04.0549 0x0cd0 Themes - ok
14:31:04.0580 0x0cd0 [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] THREADORDER C:\Windows\system32\mmcss.dll
14:31:04.0596 0x0cd0 THREADORDER - ok
14:31:04.0627 0x0cd0 [ 4515B9E4140F04FB3907692DF89FCA87, F68EC56524BDA877646E987BE7414C1D622BD9FF05A5AEADCA39030FDC2B0115 ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
14:31:04.0658 0x0cd0 TimeBroker - ok
14:31:04.0689 0x0cd0 [ E94F7A7B48C7638D1F3F8089344C97B7, 276CDE59614D563A52529BCC4BFC726E5F5BE131C9C4142558A644D79328C810 ] TPM C:\Windows\system32\drivers\tpm.sys
14:31:04.0705 0x0cd0 TPM - ok
14:31:04.0736 0x0cd0 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks C:\Windows\System32\trkwks.dll
14:31:04.0768 0x0cd0 TrkWks - ok
14:31:04.0846 0x0cd0 [ 8ABBB5CE0C62E0A6D28F32F44B7F865C, 4C78FE2A4A25A758D5191C4EDB2A6FE691FF82E7C16C0F146DC96DAD87D4F64E ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:31:04.0877 0x0cd0 TrustedInstaller - ok
14:31:04.0908 0x0cd0 [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:31:04.0939 0x0cd0 TsUsbFlt - ok
14:31:04.0971 0x0cd0 [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
14:31:04.0986 0x0cd0 TsUsbGD - ok
14:31:05.0018 0x0cd0 [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:31:05.0049 0x0cd0 tunnel - ok
14:31:05.0065 0x0cd0 [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:31:05.0065 0x0cd0 uagp35 - ok
14:31:05.0080 0x0cd0 [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
14:31:05.0096 0x0cd0 UASPStor - ok
14:31:05.0111 0x0cd0 [ 69CC6087483FCE6AEBF1DF5AE791044F, 64A2699447049F77A4A5469537F81124114978BF356C079B123B79782EDC760A ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
14:31:05.0127 0x0cd0 UBHelper - ok
14:31:05.0143 0x0cd0 [ 061BA3EE0D2BE17944990544008CF190, C9236D368EC2281B545E8C008BC2801F21A9716ED3D4DAEDB0751A5008346E81 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
14:31:05.0174 0x0cd0 UCX01000 - ok
14:31:05.0221 0x0cd0 [ 25C50F4EDF70D0A831E0566BD181CCF2, F2F9E86FB5617C16077D2073EC0AA747F76F1EB5148BA110347A84F3C3569F83 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:31:05.0252 0x0cd0 udfs - ok
14:31:05.0299 0x0cd0 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:31:05.0330 0x0cd0 UI0Detect - ok
14:31:05.0346 0x0cd0 [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:31:05.0361 0x0cd0 uliagpkx - ok
14:31:05.0377 0x0cd0 [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus C:\Windows\System32\drivers\umbus.sys
14:31:05.0408 0x0cd0 umbus - ok
14:31:05.0440 0x0cd0 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass C:\Windows\System32\drivers\umpass.sys
14:31:05.0471 0x0cd0 UmPass - ok
14:31:05.0502 0x0cd0 [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService C:\Windows\System32\umrdp.dll
14:31:05.0549 0x0cd0 UmRdpService - ok
14:31:05.0627 0x0cd0 [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
14:31:05.0643 0x0cd0 UNS - ok
14:31:05.0690 0x0cd0 [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost C:\Windows\System32\upnphost.dll
14:31:05.0768 0x0cd0 upnphost - ok
14:31:05.0815 0x0cd0 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\System32\Drivers\usbaapl64.sys
14:31:05.0893 0x0cd0 USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
14:31:08.0408 0x0cd0 Detect skipped due to KSN trusted
14:31:08.0408 0x0cd0 USBAAPL64 - ok
14:31:08.0440 0x0cd0 [ C976C4306F9AE133D6BBD47FDFC3BF92, 820413D92D6A89055A7F26523BF5CC4B668610C4A06E8B0D163FBF929B1DFA9A ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
14:31:08.0487 0x0cd0 usbccgp - ok
14:31:08.0518 0x0cd0 [ 427B6DB8C05A5A977E8C3525370A2595, C67222CA9123AE12D953995326B3B582C146CEA89594B7209DB0B1F628A0118D ] usbcir C:\Windows\System32\drivers\usbcir.sys
14:31:08.0565 0x0cd0 usbcir - ok
14:31:08.0596 0x0cd0 [ B24FDEB1B18496F1B463782235AA3AF1, 3F5036F36987C8007D03DAFC3EC30615515BE96D9A1DF879BCD4EB0E66CD50B1 ] usbehci C:\Windows\System32\drivers\usbehci.sys
14:31:08.0612 0x0cd0 usbehci - ok
14:31:08.0658 0x0cd0 [ F8C2A832DF9403F5EA8080CBDBDA95FB, 50E9455465672BC13EB945BEC132D2F30BA2EB25C68928D2B4C256F2DB292A83 ] usbhub C:\Windows\System32\drivers\usbhub.sys
14:31:08.0690 0x0cd0 usbhub - ok
14:31:08.0737 0x0cd0 [ E5F7328B1D29BCE791862CD3C0DD382A, E520D75CA6E4EDB06F576D97FB6B7CFD46A3EF3A3AC881537DE3BB8C862FE8C3 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
14:31:08.0752 0x0cd0 USBHUB3 - ok
14:31:08.0783 0x0cd0 [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci C:\Windows\System32\drivers\usbohci.sys
14:31:08.0815 0x0cd0 usbohci - ok
14:31:08.0830 0x0cd0 [ 9FDBA6982582A6F2354144980F641E7B, 054A65412CB22C5BE970FD3A266E140110D869B614B9F9894628D553CE82C991 ] usbprint C:\Windows\System32\drivers\usbprint.sys
14:31:08.0877 0x0cd0 usbprint - ok
14:31:08.0893 0x0cd0 [ BFC7FE4AAEB61317A921871B4085EF4B, CBC3FBAEAD6C82A437CC87A97007EF807C64053AB8FA5C3233C2A0CF6FC8D019 ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
14:31:08.0908 0x0cd0 USBSTOR - ok
14:31:08.0940 0x0cd0 [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
14:31:08.0956 0x0cd0 usbuhci - ok
14:31:08.0971 0x0cd0 [ 9EF7C01D3ACCBC243B5CB1A95865B2FF, 367A7640B4992E68EB3E1BBD78D3014742F4CC4056750E389048C653251DAD33 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
14:31:09.0018 0x0cd0 usbvideo - ok
14:31:09.0065 0x0cd0 [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
14:31:09.0081 0x0cd0 USBXHCI - ok
14:31:09.0096 0x0cd0 [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] VaultSvc C:\Windows\system32\lsass.exe
14:31:09.0112 0x0cd0 VaultSvc - ok
14:31:09.0143 0x0cd0 [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:31:09.0159 0x0cd0 vdrvroot - ok
14:31:09.0206 0x0cd0 [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds C:\Windows\System32\vds.exe
14:31:09.0268 0x0cd0 vds - ok
14:31:09.0299 0x0cd0 [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
14:31:09.0315 0x0cd0 VerifierExt - ok
14:31:09.0346 0x0cd0 [ 500BE6B2E49883720D0AE8BB859ED7A3, 4606B02A3E8123510676E554635EB5ECF9DC5F2B83928710C8563787C52CC102 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
14:31:09.0377 0x0cd0 vhdmp - ok
14:31:09.0393 0x0cd0 [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide C:\Windows\system32\drivers\viaide.sys
14:31:09.0409 0x0cd0 viaide - ok
14:31:09.0424 0x0cd0 [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus C:\Windows\system32\drivers\vmbus.sys
14:31:09.0440 0x0cd0 vmbus - ok
14:31:09.0456 0x0cd0 [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
14:31:09.0487 0x0cd0 VMBusHID - ok
14:31:09.0534 0x0cd0 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat C:\Windows\System32\ICSvc.dll
14:31:09.0565 0x0cd0 vmicheartbeat - ok
14:31:09.0565 0x0cd0 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\Windows\System32\ICSvc.dll
14:31:09.0596 0x0cd0 vmickvpexchange - ok
14:31:09.0612 0x0cd0 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv C:\Windows\System32\ICSvc.dll
14:31:09.0627 0x0cd0 vmicrdv - ok
14:31:09.0643 0x0cd0 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown C:\Windows\System32\ICSvc.dll
14:31:09.0659 0x0cd0 vmicshutdown - ok
14:31:09.0674 0x0cd0 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync C:\Windows\System32\ICSvc.dll
14:31:09.0690 0x0cd0 vmictimesync - ok
14:31:09.0706 0x0cd0 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss C:\Windows\System32\ICSvc.dll
14:31:09.0721 0x0cd0 vmicvss - ok
14:31:09.0752 0x0cd0 [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:31:09.0752 0x0cd0 volmgr - ok
14:31:09.0784 0x0cd0 [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:31:09.0815 0x0cd0 volmgrx - ok
14:31:09.0846 0x0cd0 [ 78A5BBA3819FFFC62FFEC3E2220D102D, A95797B97D576374C2CDA8A09E6C51A89BADE428AAA89D5093579C85062E5874 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:31:09.0862 0x0cd0 volsnap - ok
14:31:09.0893 0x0cd0 [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci C:\Windows\System32\drivers\vpci.sys
14:31:09.0909 0x0cd0 vpci - ok
14:31:09.0924 0x0cd0 [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
14:31:09.0940 0x0cd0 vsmraid - ok
14:31:10.0002 0x0cd0 [ D0C69E44BC1E1D4AD290FD84104623D8, 4C86760EA4BD2A64FFD42D89284EC3E5048CB2F0F6F3B80D017B41C0D2456A90 ] VSS C:\Windows\system32\vssvc.exe
14:31:10.0096 0x0cd0 VSS - ok
14:31:10.0127 0x0cd0 [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
14:31:10.0143 0x0cd0 VSTXRAID - ok
14:31:10.0174 0x0cd0 [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
14:31:10.0206 0x0cd0 vwifibus - ok
14:31:10.0237 0x0cd0 [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:31:10.0268 0x0cd0 vwififlt - ok
14:31:10.0284 0x0cd0 [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
14:31:10.0299 0x0cd0 vwifimp - ok
14:31:10.0346 0x0cd0 [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time C:\Windows\system32\w32time.dll
14:31:10.0393 0x0cd0 W32Time - ok
14:31:10.0409 0x0cd0 [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen C:\Windows\System32\drivers\wacompen.sys
14:31:10.0424 0x0cd0 WacomPen - ok
14:31:10.0440 0x0cd0 [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
14:31:10.0471 0x0cd0 Wanarp - ok
14:31:10.0471 0x0cd0 [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:31:10.0487 0x0cd0 Wanarpv6 - ok
14:31:10.0549 0x0cd0 [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine C:\Windows\system32\wbengine.exe
14:31:10.0643 0x0cd0 wbengine - ok
14:31:10.0674 0x0cd0 [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:31:10.0721 0x0cd0 WbioSrvc - ok
14:31:10.0752 0x0cd0 [ AF1349386D4C6786EF4E34FACEF15042, 6B33778409BC54C1955B92508ADDEBAFD629141961B71C94A91DC4CFE8391A13 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
14:31:10.0799 0x0cd0 Wcmsvc - ok
14:31:10.0831 0x0cd0 [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:31:10.0909 0x0cd0 wcncsvc - ok
14:31:10.0940 0x0cd0 [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:31:11.0003 0x0cd0 WcsPlugInService - ok
14:31:11.0018 0x0cd0 [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd C:\Windows\system32\drivers\wd.sys
14:31:11.0018 0x0cd0 Wd - ok
14:31:11.0065 0x0cd0 [ 3772FF85F0098686B0DCD77076AE0786, 8B0221F6003C53856676FFD9CDCFF43DF29B410AB2F340C10BB858F0E6EC14CE ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
14:31:11.0065 0x0cd0 WdBoot - ok
14:31:11.0128 0x0cd0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:31:11.0174 0x0cd0 Wdf01000 - ok
14:31:11.0206 0x0cd0 [ AB6F7DE8BFBF61A42F8764D9A621BD8B, DEFDC9FDC0B234403EE1339105B8D12B486D77B3BA01A703339B5DB8B95FA4D8 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
14:31:11.0221 0x0cd0 WdFilter - ok
14:31:11.0253 0x0cd0 [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:31:11.0299 0x0cd0 WdiServiceHost - ok
14:31:11.0299 0x0cd0 [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:31:11.0331 0x0cd0 WdiSystemHost - ok
14:31:11.0378 0x0cd0 [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient C:\Windows\System32\webclnt.dll
14:31:11.0424 0x0cd0 WebClient - ok
14:31:11.0456 0x0cd0 [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:31:11.0487 0x0cd0 Wecsvc - ok
14:31:11.0518 0x0cd0 [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:31:11.0596 0x0cd0 wercplsupport - ok
14:31:11.0628 0x0cd0 [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc C:\Windows\System32\WerSvc.dll
14:31:11.0674 0x0cd0 WerSvc - ok
14:31:11.0690 0x0cd0 [ 44BB9C31E6242C4BD1CE7C2B440C2533, E603BB001028918B687818E930340008C752679B133037367A8A8E41DA559FFE ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
14:31:11.0706 0x0cd0 WFPLWFS - ok
14:31:11.0721 0x0cd0 [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc C:\Windows\System32\wiarpc.dll
14:31:11.0737 0x0cd0 WiaRpc - ok
14:31:11.0768 0x0cd0 [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:31:11.0784 0x0cd0 WIMMount - ok
14:31:11.0799 0x0cd0 WinDefend - ok
14:31:11.0846 0x0cd0 [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
14:31:11.0940 0x0cd0 WinHttpAutoProxySvc - ok
14:31:12.0018 0x0cd0 [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:31:12.0034 0x0cd0 Winmgmt - ok
14:31:12.0159 0x0cd0 [ 8E212A627F33F6FC3B5F3BB47212F66E, 9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM C:\Windows\system32\WsmSvc.dll
14:31:12.0299 0x0cd0 WinRM - ok
14:31:12.0362 0x0cd0 [ BB20956C424531003F7FA6CD36F11D5D, 2C55F1C7553A527A7C4C34E730BE943269AE23928731C64D3DC945E07AE1771E ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:31:12.0409 0x0cd0 WinUsb - ok
14:31:12.0471 0x0cd0 [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc C:\Windows\System32\wlansvc.dll
14:31:12.0565 0x0cd0 WlanSvc - ok
14:31:12.0659 0x0cd0 [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc C:\Windows\system32\wlidsvc.dll
14:31:12.0768 0x0cd0 wlidsvc - ok
14:31:12.0799 0x0cd0 [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
14:31:12.0815 0x0cd0 WmiAcpi - ok
14:31:12.0862 0x0cd0 [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:31:12.0878 0x0cd0 wmiApSrv - ok
14:31:12.0925 0x0cd0 WMPNetworkSvc - ok
14:31:12.0940 0x0cd0 [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
14:31:12.0987 0x0cd0 wpcfltr - ok
14:31:13.0018 0x0cd0 [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:31:13.0034 0x0cd0 WPCSvc - ok
14:31:13.0050 0x0cd0 [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:31:13.0096 0x0cd0 WPDBusEnum - ok
14:31:13.0112 0x0cd0 [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
14:31:13.0143 0x0cd0 WpdUpFltr - ok
14:31:13.0175 0x0cd0 [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:31:13.0206 0x0cd0 ws2ifsl - ok
14:31:13.0221 0x0cd0 [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc C:\Windows\System32\wscsvc.dll
14:31:13.0253 0x0cd0 wscsvc - ok
14:31:13.0284 0x0cd0 [ 74EFDA0526862C3D8D01A776182798EA, 7C9AD6118CB344C63B60A8BA5FA8C85ADED30933821ABD1427857E826EFC2952 ] WSDPrintDevice C:\Windows\System32\drivers\WSDPrint.sys
14:31:13.0300 0x0cd0 WSDPrintDevice - ok
14:31:13.0315 0x0cd0 [ FA07DF46070F0826139709EF4D31FB71, 8F46A55D5C4336536E7974C9CEAFED55E7E9E9BF133D2AD0F6A55174F70B2F03 ] WSDScan C:\Windows\System32\drivers\WSDScan.sys
14:31:13.0362 0x0cd0 WSDScan - ok
14:31:13.0362 0x0cd0 WSearch - ok
14:31:13.0456 0x0cd0 [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService C:\Windows\System32\WSService.dll
14:31:13.0581 0x0cd0 WSService - ok
14:31:13.0706 0x0cd0 [ 10EA2DBD2820A504D98D19F5EDAAFC04, 5B84D7C169CBAEBCE4A03BB89426E74DBF5AFCA1F8FDE2A5BC1006A8464D7E24 ] wuauserv C:\Windows\system32\wuaueng.dll
14:31:13.0878 0x0cd0 wuauserv - ok
14:31:13.0893 0x0cd0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:31:13.0909 0x0cd0 WudfPf - ok
14:31:13.0940 0x0cd0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
14:31:13.0956 0x0cd0 WUDFRd - ok
14:31:14.0003 0x0cd0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:31:14.0018 0x0cd0 wudfsvc - ok
14:31:14.0034 0x0cd0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys
14:31:14.0050 0x0cd0 WUDFWpdFs - ok
14:31:14.0065 0x0cd0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys
14:31:14.0081 0x0cd0 WUDFWpdMtp - ok
14:31:14.0143 0x0cd0 [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc C:\Windows\System32\wwansvc.dll
14:31:14.0284 0x0cd0 WwanSvc - ok
14:31:14.0300 0x0cd0 ================ Scan global ===============================
14:31:14.0331 0x0cd0 [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\Windows\system32\basesrv.dll
14:31:14.0378 0x0cd0 [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\Windows\system32\winsrv.dll
14:31:14.0425 0x0cd0 [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\Windows\system32\sxssrv.dll
14:31:14.0471 0x0cd0 [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\Windows\system32\services.exe
14:31:14.0503 0x0cd0 [ Global ] - ok
14:31:14.0503 0x0cd0 ================ Scan MBR ==================================
14:31:14.0503 0x0cd0 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
14:31:14.0612 0x0cd0 \Device\Harddisk0\DR0 - ok
14:31:14.0612 0x0cd0 ================ Scan VBR ==================================
14:31:14.0612 0x0cd0 [ EADBA4F9BF227A4649255C18CDE05C41 ] \Device\Harddisk0\DR0\Partition1
14:31:14.0612 0x0cd0 \Device\Harddisk0\DR0\Partition1 - ok
14:31:14.0643 0x0cd0 [ 070D39BF35D5A660DDAD32190B588F34 ] \Device\Harddisk0\DR0\Partition2
14:31:14.0706 0x0cd0 \Device\Harddisk0\DR0\Partition2 - ok
14:31:14.0706 0x0cd0 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
14:31:14.0706 0x0cd0 \Device\Harddisk0\DR0\Partition3 - ok
14:31:14.0721 0x0cd0 [ 7CD365357CF5F1345654D0FF18A96228 ] \Device\Harddisk0\DR0\Partition4
14:31:14.0721 0x0cd0 \Device\Harddisk0\DR0\Partition4 - ok
14:31:14.0768 0x0cd0 [ 8742A31FCD359F7FD72736FC274E7EF2 ] \Device\Harddisk0\DR0\Partition5
14:31:14.0768 0x0cd0 \Device\Harddisk0\DR0\Partition5 - ok
14:31:14.0768 0x0cd0 ================ Scan generic autorun ======================
14:31:14.0815 0x0cd0 [ EB56B4B1788215133B3912F8131A401F, 68F2BAABA2A2AC45B70A2AADFDF312E3C68E17329B47CF090ACCA9B280A5A363 ] C:\Windows\system32\igfxtray.exe
14:31:14.0831 0x0cd0 IgfxTray - ok
14:31:14.0862 0x0cd0 [ 8FEE4578845A8FC280BADEA51D9A37D4, 35F62AAD66F8111483F83F4CFBDBA2994C46AC4F4E3321716A313A7AC2CCFD81 ] C:\Windows\system32\hkcmd.exe
14:31:14.0893 0x0cd0 HotKeysCmds - ok
14:31:14.0925 0x0cd0 [ F8A0713CAF369FFDA19DF0271AE27CC9, B91AD03BF14C69BA19C0F27C04DE5E954EE3C0BD5574DD1B74A4A624E35DB104 ] C:\Windows\system32\igfxpers.exe
14:31:14.0940 0x0cd0 Persistence - ok
14:31:15.0394 0x0cd0 [ 834A309C2FDF52FC09353F348CFE1235, FF8D5B0C4D8DEF3B313E11B01D6A2A29758E8721EF2EC0AAC2DB3C9AAF399276 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
14:31:15.0722 0x0cd0 RTHDVCPL - ok
14:31:15.0737 0x0cd0 ETDCtrl - ok
14:31:15.0800 0x0cd0 [ 704A01D402F0275877E7FA1BB151D997, 585C8B31599FFF0EF9B1DF9FD63979E498D2A601497780E07706A99A359AB8B8 ] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
14:31:15.0815 0x0cd0 BakupManagerTray - ok
14:31:15.0956 0x0cd0 [ 4D8D8B6D046BAA8A0D92B50366ADFC7D, A23751F5FE14A84D9ABD020756B5A7E9E4831611065B7CE60BD4F7B761F8EF0B ] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
14:31:16.0081 0x0cd0 Norton Online Backup - ok
14:31:16.0159 0x0cd0 [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
14:31:16.0190 0x0cd0 Adobe ARM - ok
14:31:16.0347 0x0cd0 [ 21B8FAAFA5CCD89663AAD5833ABF4B35, DE46AD49AE1ED34697EE387BB77E73BCD7DA60E6063E02660021A9C2EA3C0801 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
14:31:16.0456 0x0cd0 AvastUI.exe - ok
14:31:16.0550 0x0cd0 [ 3237A58DC79C051004CD3A67C8FBC781, 696CF967C65EE742DC4EBECEFA4D298E4EF7D8E7FC3FE985583FAD6853639FD7 ] C:\Program Files (x86)\Java\jre6\bin\jusched.exe
14:31:16.0566 0x0cd0 SunJavaUpdateSched - ok
14:31:16.0566 0x0cd0 IsMyWinLockerReboot - ok
14:31:16.0581 0x0cd0 IsMyWinLockerReboot - ok
14:31:16.0644 0x0cd0 [ 68AF6C708A8C79898C32C4ACFABE493D, 0E3D5E3017FAA30B819ACD5F084B1CEA8A9C9F6F5ED2B388A0EC83533B88D981 ] C:\Users\Melle mobil\AppData\Roaming\SSync\SSync.exe
14:31:16.0644 0x0cd0 SSync - detected UnsignedFile.Multi.Generic ( 1 )
14:31:18.0972 0x0cd0 Detect skipped due to KSN trusted
14:31:18.0972 0x0cd0 SSync - ok
14:31:19.0128 0x0cd0 [ 1BFCA8EBFBDC43B5C7C3BCF92A47DD77, EA4A4B5E4BFB31451A472A3E5F23CA163EB53B7D08C892454D6905B034ABBBF6 ] C:\Program Files (x86)\Origin\Origin.exe
14:31:19.0269 0x0cd0 EADM - ok
14:31:19.0316 0x0cd0 [ FDB4F88B9B1CD409E1DC06AD68BEA2B8, B031473D2B11C00FB9464D0A518DF30BB01EF7A157AE7994C2FDEF1DF6F0C097 ] C:\Users\Melle mobil\AppData\Roaming\SCheck\SCheck.exe
14:31:19.0331 0x0cd0 SCheck - detected UnsignedFile.Multi.Generic ( 1 )
14:31:21.0660 0x0cd0 Detect skipped due to KSN trusted
14:31:21.0660 0x0cd0 SCheck - ok
14:31:21.0707 0x0cd0 [ FDB4F88B9B1CD409E1DC06AD68BEA2B8, B031473D2B11C00FB9464D0A518DF30BB01EF7A157AE7994C2FDEF1DF6F0C097 ] C:\Users\Melle mobil\AppData\Roaming\Intermediate\Intermediate.exe
14:31:21.0707 0x0cd0 Intermediate - detected UnsignedFile.Multi.Generic ( 1 )
14:31:21.0707 0x0cd0 Detect skipped due to KSN trusted
14:31:21.0707 0x0cd0 Intermediate - ok
14:31:21.0707 0x0cd0 Waiting for KSN requests completion. In queue: 1
14:31:22.0722 0x0cd0 Waiting for KSN requests completion. In queue: 1
14:31:23.0738 0x0cd0 Waiting for KSN requests completion. In queue: 1
14:31:24.0754 0x0cd0 Waiting for KSN requests completion. In queue: 1
14:31:25.0801 0x0cd0 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60110 ( disabled : outofdate )
14:31:25.0801 0x0cd0 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2018.391 ), 0x41000 ( enabled : updated )
14:31:25.0847 0x0cd0 Win FW state via NFP2: enabled
14:31:28.0223 0x0cd0 ============================================================
14:31:28.0223 0x0cd0 Scan finished
14:31:28.0223 0x0cd0 ============================================================
14:31:28.0223 0x1770 Detected object count: 0
14:31:28.0223 0x1770 Actual detected object count: 0
|
|
12.03.2015, 08:48
| #8 |
| /// the machine /// TB-Ausbilder | web.de account verschickt selbständig unerwünschte Links Ja ist es. Passwort vom Mail Account ändern, jetzt entfernen wir noch bissl Adware. Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
12.03.2015, 10:15
| #9 |
| | web.de account verschickt selbständig unerwünschte Links Ich hab echt Respekt für so Leute wie dich! Kein Plan wie ihr sowas anstellt... mir wird schon schwindelig wenn ich so nen Log mal nur kurz überfliege  AdwareCleaner Code:
ATTFilter # AdwCleaner v4.112 - Bericht erstellt 12/03/2015 um 09:31:45
# Aktualisiert 09/03/2015 von Xplode
# Datenbank : 2015-03-05.1 [Server]
# Betriebssystem : Windows 8 (x64)
# Benutzername : Melle mobil - MELLE
# Gestarted von : C:\Users\Melle mobil\Downloads\AdwCleaner_4.112.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Users\Melle mobil\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Melle mobil\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Melle mobil\AppData\Roaming\Common\LuaRT
Ordner Gelöscht : C:\Users\Melle mobil\AppData\Roaming\DesktopIconForAmazon
Ordner Gelöscht : C:\Users\Melle mobil\AppData\Roaming\fbDownloader
Ordner Gelöscht : C:\Users\Melle mobil\AppData\Roaming\Intermediate
Ordner Gelöscht : C:\Users\Melle mobil\AppData\Roaming\OCS
Ordner Gelöscht : C:\Users\Melle mobil\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\Melle mobil\AppData\Roaming\SCheck
Ordner Gelöscht : C:\Users\Melle mobil\AppData\Roaming\Snz
Ordner Gelöscht : C:\Users\Melle mobil\AppData\Roaming\SSync
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Melle mobil\AppData\Roaming\Mozilla\Firefox\Profiles\2kxjj07a.default\searchplugins\search.xml
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Intermediate]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [scheck]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ssync]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKCU\Software\52edf8fb23eba44
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{36B445BF-1B84-466A-A623-A360A8CFF8C3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\filescout
Schlüssel Gelöscht : HKCU\Software\httogroup
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Protector
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
***** [ Internetbrowser ] *****
-\\ Internet Explorer v10.0.9200.16537
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v36.0.1 (x86 de)
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("CT3281675.hxxp___facebook_conduitapps_com.APP_WIN_FEATURES.enc", "cmVzaXphYmxlPTAsaHNjcm9sbD0wLHZzY3JvbGw9MCx0aXRsZWJhcj0xLGNsb3NlYnV0dG9uPTEsc2F2ZXJlc2l6ZWRzaXplPTAsb3BlbnBvc2l0aW9uPWFsaWd[...]
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("CT3281675.hxxp___twitter_conduitapps_com.APP_WIN_FEATURES.enc", "cmVzaXphYmxlPTAsaHNjcm9sbD0wLHZzY3JvbGw9MCx0aXRsZWJhcj15ZXMsY2xvc2VidXR0b249MSxzYXZlcmVzaXplZHNpemU9MCxvcGVucG9zaXRpb249YWxp[...]
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("CT3281675.installId", "conduitinstaller.exe");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("CT3281675.installType", "conduitnsisintegration");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("CT3281675.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3281675&SearchSource=2&CUI=UN26473215262352822&UM=&q=");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("CT3281675.smartbar.CTID", "CT3281675");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("CT3281675.smartbar.Uninstall", "0");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("CT3281675.smartbar.homepage", true);
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("CT3281675.smartbar.toolbarName", "entrusted ");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("Smartbar.ConduitHomepagesList", "");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("Smartbar.ConduitSearchEngineList", "Pokki Customized Web Search");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3281675&SearchSource=2&CUI=UN26473215262352822&UM=2&q=");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("Smartbar.keywordURLSelectedCTID", "CT3281675");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.fbdownloader.com/search.php?channel=fpo&q=");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.admin", false);
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.aflt", "babsst");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.autoRvrt", "false");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.dfltLng", "en");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.excTlbr", false);
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.id", "981f62f5000000000000864bf515f9e2");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.instlDay", "15774");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.instlRef", "sst");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.newTab", false);
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.prdct", "delta");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.prtnrId", "delta");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.rvrt", "false");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.smplGrp", "none");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.tlbrId", "base");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.vrsn", "1.8.10.0");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.10.014:26:38");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.vrsni", "1.8.10.0");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._65Members_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=EBF8F166-023E-48A8-A93F-5801514DA563&n=77fc7112&p2=^Y6^xdm043^YY^de&si=swissconverter");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._65Members_.initialized", true);
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._65Members_.installation.contextKey", "");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._65Members_.installation.installDate", "2013032722");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._65Members_.installation.partnerId", "^Y6^xdm043^YY^de");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._65Members_.installation.partnerSubId", "swissconverter");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._65Members_.installation.success", true);
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._65Members_.installation.toolbarId", "EBF8F166-023E-48A8-A93F-5801514DA563");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._65Members_.lastActivePing", "1364419550520");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._65Members_.options.defaultSearch", false);
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._65Members_.options.homePageEnabled", false);
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._65Members_.options.keywordEnabled", false);
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._65Members_.options.tabEnabled", false);
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._65Members_.weather.location", "10001");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark.lastInstalled", "fromdoctopdf@mindspark.com");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("keyword.URL", "hxxp://search.fbdownloader.com/search.php?channel=fpo&q=");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("simplenewtab.url", "hxxp://search.fbdownloader.com/?channel=fpo_nt");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("smartBar.searchInNewTabOwner", "CT3281675");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("smartbar.addressBarOwnerCTID", "CT3281675");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3281675&octid=CT3281675&SearchSource=61&CUI=UN26473215262352822&UM=2&UP=SP4D383A49-41C3-462A-B009-9EC7DC43E949,hxxp://searc[...]
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3281675&SearchSource=2&CUI=UN26473215262352822&UM=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?cti[...]
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("smartbar.defaultSearchOwnerCTID", "CT3281675");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("smartbar.machineId", "V45G5WZQVE1PGCYRTX3KBGWE0/VAYCZR+ED+/ZYAPM90KCVTAMAWRQ7PIMBQPBDBMMACFBOXKCSYEPZXDETVQW");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("smartbar.originalHomepage", "about:home");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("smartbar.originalSearchAddressUrl", "");
[2kxjj07a.default\prefs.js] - Zeile Gelöscht : user_pref("smartbar.originalSearchEngine", "");
*************************
AdwCleaner[R0].txt - [19853 Bytes] - [12/03/2015 09:29:34]
AdwCleaner[S0].txt - [19544 Bytes] - [12/03/2015 09:31:45]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19604 Bytes] ##########
Außerdem muss ich zugeben, dass ich nach dem Durchlauf einfach nur auf "Löschen" gegangen bin. Ich hab zwar nich gesehen, was das Ding dann gelöscht hat, aber in der Liste siehts nun im Nachhinein doch recht viel aus.... ich geh aber mal davon aus, dass dadurch nix kaputt geht... also, nix PC relevantes rausgeschmissen wurde. Is ja auch irgendwie unwahrscheinlich. Ich bin in den letzten Tagen bissl zu empfindlich diesbezüglich  JRT Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows 8 x64
Ran by Melle mobil on 12.03.2015 at 9:38:08,77
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] "C:\Windows\wininit.ini"
~~~ Folders
~~~ FireFox
Successfully deleted: [Folder] C:\Users\Melle mobil\AppData\Roaming\mozilla\firefox\profiles\2kxjj07a.default\smartbar
Successfully deleted: [Folder] C:\Users\Melle mobil\AppData\Roaming\mozilla\firefox\profiles\2kxjj07a.default\extensions\toolbar@web.de
Successfully deleted the following from C:\Users\Melle mobil\AppData\Roaming\mozilla\firefox\profiles\2kxjj07a.default\prefs.js
user_pref("CT3281675.1000082.isPlayDisplay", "true");
user_pref("CT3281675.1000234.TWC_TMP_city", "STUTTGART");
user_pref("CT3281675.1000234.TWC_TMP_country", "DE");
user_pref("CT3281675.1000234.TWC_country", "GERMANY");
user_pref("CT3281675.1000234.TWC_locId", "GMXX0128");
user_pref("CT3281675.1000234.TWC_location", "Stuttgart, Germany");
user_pref("CT3281675.1000234.TWC_region", "DE");
user_pref("CT3281675.1000234.TWC_temp_dis", "c");
user_pref("CT3281675.1000234.TWC_wind_dis", "kmh");
user_pref("CT3281675.FF19Solved", "true");
user_pref("CT3281675.Facebook_Mode.enc", "Mg==");
user_pref("CT3281675.Facebook_User_Locale.enc", "ZGU=");
user_pref("CT3281675.FirstTime", "true");
user_pref("CT3281675.FirstTimeFF3", "true");
user_pref("CT3281675.PG_ENABLE", "dHJ1ZQ==");
user_pref("CT3281675.PG_ENABLE.enc", "dHJ1ZQ==");
user_pref("CT3281675.SF_JUST_INSTALLED.enc", "RkFMU0U=");
user_pref("CT3281675.SF_STATUS.enc", "RU5BQkxFRA==");
user_pref("CT3281675.SF_USER_ID.enc", "Y2lkXzIzNDIwMTMyMzk1ODMyMDUxOTI=");
user_pref("CT3281675.UserID", "UN26473215262352822");
user_pref("CT3281675.addressBarTakeOverEnabledInHidden", "true");
user_pref("CT3281675.amazonNew_All.enc", "MzkwMTU2MSwyMDEzMTUxdEpXT1FmY0VSRGl2WUxhenRpc042USwyMDEzMTIxeGR4b2MramJReEM2YUVQa01xZ3VxZywyMDEzMTIxcE5nT2pCQkxRRVdiZGJuanJUSkxndyw0M
user_pref("CT3281675.appButtonDisablenull.enc", "MA==");
user_pref("CT3281675.autoDisableScopes", -1);
user_pref("CT3281675.browser.search.defaultthis.engineName", "true");
user_pref("CT3281675.cb_experience_000.enc", "Mjg1");
user_pref("CT3281675.cb_firstuse0100.enc", "MQ==");
user_pref("CT3281675.cb_user_id_000.enc", "Q0I3MDA0MDM5MzU2MTNfMTM2NDQxOTkwMDcwOF9GaXJlZm94");
user_pref("CT3281675.cbfirsttime.enc", "V2VkIE1hciAyNyAyMDEzIDIyOjMxOjQwIEdNVCswMTAw");
user_pref("CT3281675.defaultSearch", "true");
user_pref("CT3281675.enableAlerts", "always");
user_pref("CT3281675.enableFix404ByUser", "FALSE");
user_pref("CT3281675.enableSearchFromAddressBar", "true");
user_pref("CT3281675.firstTimeDialogOpened", "true");
user_pref("CT3281675.fixPageNotFoundError", "true");
user_pref("CT3281675.fixPageNotFoundErrorByUser", "true");
user_pref("CT3281675.fixPageNotFoundErrorInHidden", "true");
user_pref("CT3281675.fixUrls", true);
user_pref("CT3281675.homepageuserchanged", true);
user_pref("CT3281675.hxxp___pinterest_aot_im.isEnabled.enc", "WQ==");
user_pref("CT3281675.hxxp___www_socialgrowthtechnologies_com_couponbuddy_v001.APP_WIN_FEATURES.enc", "b3BlbnBvc2l0aW9uPW9mZnNldDo1MDs1MCxzYXZlbG9jYXRpb249MCxyZXNpemFibGU9bm8sc
user_pref("CT3281675.installDate", "2/3/2013 12:26:11");
user_pref("CT3281675.isCheckedStartAsHidden", true);
user_pref("CT3281675.isFirstTimeToolbarLoading", "false");
user_pref("CT3281675.keyword", "true");
user_pref("CT3281675.lastVersion", "10.16.2.509");
user_pref("CT3281675.mam_gk_appStateReportTime.enc", "MTM3MDAwNDUyNzE4NA==");
user_pref("CT3281675.mam_gk_appState_CouponBuddy.enc", "b24=");
user_pref("CT3281675.mam_gk_appState_Easytobook.enc", "b24=");
user_pref("CT3281675.mam_gk_appState_Easytobook_targeted.enc", "b24=");
user_pref("CT3281675.mam_gk_appState_PriceGong.enc", "b24=");
user_pref("CT3281675.mam_gk_appState_WindowShopper.enc", "b24=");
user_pref("CT3281675.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsIm9wdGlvbnN
user_pref("CT3281675.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
user_pref("CT3281675.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkVhc3l0b2Jvb2tfdGFyZ2V0ZWQiLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiI3NzIxYmVjOC05ODllLTQyY2QtYW
user_pref("CT3281675.mam_gk_currentVersion.enc", "MS42LjAuMQ==");
user_pref("CT3281675.mam_gk_first_time.enc", "MQ==");
user_pref("CT3281675.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
user_pref("CT3281675.mam_gk_lastLoginTime.enc", "MTM3MDAwNDU0OTMzMA==");
user_pref("CT3281675.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50LVJpY2h0bGluaWUifSwiZ2FkZ2V0RGVzY3JpcHRpb25QcmltYXJ5Ijp7IlRleHQiOiJWYWx1ZSB
user_pref("CT3281675.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
user_pref("CT3281675.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNjFfLTEiLCJpc1Rlc3QiOmZhbHNlLCJpc1dlbGNvbWVFeHBlcmll
user_pref("CT3281675.mam_gk_settings1.6.0.1.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNjFfLTEiLCJpc1Rlc3QiOmZhbHNlLCJpc1dlbGNvbWVFeHBlcmll
user_pref("CT3281675.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
user_pref("CT3281675.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
user_pref("CT3281675.mam_gk_userId.enc", "NjZkZjc3ZjctNDRjOS00Mjc0LWE5Y2QtNTM2NWRiMzBlZTA4");
user_pref("CT3281675.migrateAppsAndComponents", true);
user_pref("CT3281675.openThankYouPage", "false");
user_pref("CT3281675.openUninstallPage", "true");
user_pref("CT3281675.price-gong.isManagedApp", "true");
user_pref("CT3281675.revertSettingsEnabled", "false");
user_pref("CT3281675.search.searchAppId", "130036105453116013");
user_pref("CT3281675.search.searchCount", "0");
user_pref("CT3281675.searchFromAddressBarEnabledByUser", "true");
user_pref("CT3281675.searchInNewTabEnabledByUser", "true");
user_pref("CT3281675.searchInNewTabEnabledInHidden", "true");
user_pref("CT3281675.searchUserMode", "2");
user_pref("CT3281675.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1369753937043");
user_pref("CT3281675.serviceLayer_services_appsMetadata_lastUpdate", "1370005590428");
user_pref("CT3281675.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1369203863435");
user_pref("CT3281675.serviceLayer_services_location_lastUpdate", "1369929101258");
user_pref("CT3281675.serviceLayer_services_login_10.14.65.43_lastUpdate", "1363699256174");
user_pref("CT3281675.serviceLayer_services_login_10.15.0.562_lastUpdate", "1365655388002");
user_pref("CT3281675.serviceLayer_services_login_10.15.2.523_lastUpdate", "1368257306363");
user_pref("CT3281675.serviceLayer_services_login_10.16.1.521_lastUpdate", "1368524344259");
user_pref("CT3281675.serviceLayer_services_login_10.16.2.509_lastUpdate", "1370004643335");
user_pref("CT3281675.serviceLayer_services_menu_bfd1c71334f926ecd0bf043e0f822c7e_lastUpdate", "1370004647810");
user_pref("CT3281675.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1369203863434");
user_pref("CT3281675.serviceLayer_services_searchAPI_lastUpdate", "1369929101254");
user_pref("CT3281675.serviceLayer_services_serviceMap_lastUpdate", "1369929101091");
user_pref("CT3281675.serviceLayer_services_setupAPI_lastUpdate", "1362223775141");
user_pref("CT3281675.serviceLayer_services_toolbarContextMenu_lastUpdate", "1369203863436");
user_pref("CT3281675.serviceLayer_services_toolbarSettings_lastUpdate", "1370005590305");
user_pref("CT3281675.serviceLayer_services_translation_lastUpdate", "1369929101198");
user_pref("CT3281675.settingsINI", true);
user_pref("CT3281675.shouldFirstTimeDialog", "false");
user_pref("CT3281675.showToolbarPermission", "false");
user_pref("CT3281675.startPage", "true");
user_pref("CT3281675.toolbarBornServerTime", "2-3-2013");
user_pref("CT3281675.toolbarCurrentServerTime", "31-5-2013");
user_pref("CT3281675.toolbarDisabled", "true");
user_pref("CT3281675.toolbarLoginClientTime", "Tue Mar 26 2013 09:09:21 GMT+0100");
user_pref("CT3281675.twitter_v1.8.0_twitter_app_open_t_f.enc", "ZmFsc2U=");
user_pref("CT3281675.url_history0001.enc", "aHR0cDovL3d3dy5mYWNlYm9vay5jb20vcGhvdG8ucGhwP2ZiaWQ9NTM5NDM4MTk5NDM1NzU5JnNldD1hLjE4NTgxMjA0MTQ2NTA0NS4zNzYxNS4xMDAwMDEwODc1MDUwODE
user_pref("extensions.cliqz.session", "mfpsmAxKiaOEqeSPczBl6wxYN9Qn45MCSMdZc18HQIacJTSlV9vZcrHZ5nO1QjLx");
Emptied folder: C:\Users\Melle mobil\AppData\Roaming\mozilla\firefox\profiles\2kxjj07a.default\minidumps [44 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.03.2015 at 9:43:18,23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Melle mobil (administrator) on MELLE on 12-03-2015 09:46:57
Running from C:\Users\Melle mobil\Downloads
Loaded Profiles: UpdatusUser & Melle mobil (Available profiles: UpdatusUser & Melle mobil)
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Java\jre6\bin\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-10] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [BakupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533056 2012-07-31] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-08] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Java\jre6\bin\jusched.exe [148888 2015-02-11] (Sun Microsystems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2442446365-1373078036-4176911373-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-02-17] (Electronic Arts)
HKU\S-1-5-21-2442446365-1373078036-4176911373-1002\...\MountPoints2: {cd492e30-abd7-11e2-be8c-b888e359b6ba} - "E:\LGAutoRun.exe"
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2442446365-1373078036-4176911373-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-2442446365-1373078036-4176911373-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
URLSearchHook: [S-1-5-21-2442446365-1373078036-4176911373-1001] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2442446365-1373078036-4176911373-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2442446365-1373078036-4176911373-1002 -> {62B07A5B-C636-4CE0-9B00-AC516C012F93} URL =
SearchScopes: HKU\S-1-5-21-2442446365-1373078036-4176911373-1002 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-2442446365-1373078036-4176911373-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-06-13] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-06-13] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2015-02-11] (Sun Microsystems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Melle mobil\AppData\Roaming\Mozilla\Firefox\Profiles\2kxjj07a.default
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Search
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Users\Melle mobil\Desktop\Bilder\Picasa3\npPicasa3.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Melle mobil\AppData\Roaming\Mozilla\Firefox\Profiles\2kxjj07a.default\searchplugins\google-images.xml [2014-12-21]
FF SearchPlugin: C:\Users\Melle mobil\AppData\Roaming\Mozilla\Firefox\Profiles\2kxjj07a.default\searchplugins\google-maps.xml [2014-12-21]
FF SearchPlugin: C:\Users\Melle mobil\AppData\Roaming\Mozilla\Firefox\Profiles\2kxjj07a.default\searchplugins\yahoo-avast.xml [2014-06-15]
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Melle mobil\AppData\Roaming\Mozilla\Firefox\Profiles\2kxjj07a.default\Extensions\2020Player_IKEA@2020Technologies.com [2014-12-01]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-31]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-13] (AVAST Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2415760 2012-07-27] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-31] (NTI Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-05] (Electronic Arts)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-16] (Dritek System INC.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-13] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-13] ()
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-16] (Dritek System Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
S2 BstHdDrv; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-12 09:46 - 2015-03-12 09:46 - 00000000 ____D () C:\Users\Melle mobil\Downloads\FRST-OlderVersion
2015-03-12 09:44 - 2015-03-12 09:44 - 00000193 _____ () C:\Windows\WORDPAD.INI
2015-03-12 09:43 - 2015-03-12 09:43 - 00009098 _____ () C:\Users\Melle mobil\Desktop\JRT.txt
2015-03-12 09:33 - 2015-03-12 09:33 - 00000582 _____ () C:\Windows\PFRO.log
2015-03-12 09:24 - 2015-03-12 09:24 - 01388333 _____ (Thisisu) C:\Users\Melle mobil\Downloads\JRT.exe
2015-03-12 09:23 - 2015-03-12 09:31 - 00000000 ____D () C:\AdwCleaner
2015-03-12 09:23 - 2015-03-12 09:23 - 02171392 _____ () C:\Users\Melle mobil\Downloads\AdwCleaner_4.112.exe
2015-03-10 20:19 - 2015-03-11 14:25 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-10 20:19 - 2015-03-10 20:19 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-10 20:18 - 2015-03-10 20:18 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-10 20:07 - 2015-03-11 14:25 - 00000000 ____D () C:\Users\Melle mobil\Desktop\mbar
2015-03-10 20:05 - 2015-03-10 20:05 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Melle mobil\Downloads\mbar-1.09.1.1004.exe
2015-03-10 20:05 - 2015-03-10 20:05 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Melle mobil\Downloads\tdsskiller.exe
2015-03-10 12:07 - 2015-03-10 12:07 - 00025219 _____ () C:\Users\Melle mobil\Downloads\Addition.txt
2015-03-10 12:06 - 2015-03-12 09:46 - 00012832 _____ () C:\Users\Melle mobil\Downloads\FRST.txt
2015-03-10 12:06 - 2015-03-12 09:46 - 00000000 ____D () C:\FRST
2015-03-10 12:04 - 2015-03-12 09:46 - 02095616 _____ (Farbar) C:\Users\Melle mobil\Downloads\FRST64.exe
2015-03-09 16:24 - 2015-03-10 20:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-09 16:23 - 2015-03-09 16:23 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Melle mobil\Downloads\mbam-setup-2.0.4.1028(2).exe
2015-03-05 08:51 - 2015-03-05 08:52 - 00000000 ____D () C:\Users\Melle mobil\Desktop\Regeln
2015-02-11 18:38 - 2015-02-14 14:45 - 00000000 ____D () C:\Users\Melle mobil\Documents\Create at Home Projekts
2015-02-11 17:04 - 2015-02-11 17:04 - 00000000 ____D () C:\Users\Melle mobil\AppData\Roaming\MPC
2015-02-11 17:03 - 2015-02-11 17:03 - 00000000 ____D () C:\Users\Melle mobil\.kodakch
2015-02-11 17:01 - 2015-02-14 18:31 - 00000000 ____D () C:\Program Files (x86)\KODAK Create@Home Software (für dm)
2015-02-11 16:57 - 2015-02-11 16:57 - 00410984 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deploytk.dll
2015-02-11 16:57 - 2015-02-11 16:57 - 00148888 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2015-02-11 16:57 - 2015-02-11 16:57 - 00144792 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2015-02-11 16:57 - 2015-02-11 16:57 - 00144792 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2015-02-11 16:55 - 2015-02-11 16:55 - 00000000 ____D () C:\Users\Melle mobil\AppData\Roaming\Kodak Alaris Inc
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-12 09:44 - 2013-03-02 13:24 - 00000000 ____D () C:\ProgramData\Origin
2015-03-12 09:39 - 2012-08-16 15:01 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2015-03-12 09:39 - 2012-08-16 15:01 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2015-03-12 09:39 - 2012-07-26 08:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-12 09:34 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-12 09:32 - 2014-10-12 05:07 - 01145964 _____ () C:\Windows\WindowsUpdate.log
2015-03-12 09:32 - 2012-07-26 06:26 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-03-12 09:31 - 2013-07-25 11:41 - 00000000 ____D () C:\Users\Melle mobil\AppData\Roaming\Common
2015-03-12 09:06 - 2013-05-29 08:18 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-12 09:00 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2015-03-11 14:29 - 2013-03-02 13:23 - 00000000 ____D () C:\Users\Melle mobil\AppData\Local\CrashDumps
2015-03-11 07:35 - 2013-03-09 13:49 - 05556224 ___SH () C:\Users\Melle mobil\Desktop\Thumbs.db
2015-03-10 14:01 - 2013-03-01 20:58 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2442446365-1373078036-4176911373-1002
2015-03-09 19:31 - 2012-08-03 08:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-09 19:24 - 2013-03-02 11:35 - 00000000 ____D () C:\Users\Melle mobil\AppData\Roaming\DVDVideoSoft
2015-03-09 19:22 - 2013-03-02 08:56 - 00000000 ___RD () C:\Users\Melle mobil\Desktop\Haushalt
2015-03-09 16:50 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\registration
2015-03-07 19:48 - 2013-03-01 20:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-05 12:39 - 2014-02-09 18:47 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-03-02 21:31 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-02 21:22 - 2013-03-07 23:44 - 00000000 ___RD () C:\Users\Public\Documents\HAUSHALT
2015-02-27 08:25 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2015-02-11 17:03 - 2013-03-01 20:52 - 00000000 ____D () C:\Users\Melle mobil
2015-02-11 16:57 - 2013-03-20 22:45 - 00000000 ____D () C:\Program Files (x86)\Java
Some content of TEMP:
====================
C:\Users\Melle mobil\AppData\Local\Temp\Quarantine.exe
C:\Users\Melle mobil\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-09 07:10
==================== End Of Log ============================
--- --- --- --- --- --- Ist der Registry Cleaner vom CCleaner eigentlich irgendwie von Belang für deine Diagnose? Ich meine nur, weil da auf einmal so viel drin steht. Normal hab ich nur Probleme mit den ersten drei Einträgen und i.d.R. steht der dann auch nur einmal drin.... Code:
ATTFilter ActiveX/COM Fehler dhRichClient3.cIndexes - {00B11DA2-75ED-4364-ABA5-9A95B1F5E946} HKCR\dhRichClient3.cIndexes
ActiveX/COM Fehler InProcServer32\C:\Users\Melle mobil\Desktop\7-Zip\7-zip.dll HKCR\CLSID\{23170F69-40C1-278A-1000-000100020000}
ActiveX/COM Fehler InProcServer32\%CommonProgramFiles%\System\Ole DB\msdaora.dll HKCR\CLSID\{e8cc4cbe-fdff-11d0-b865-00a0c9081c1d}
Fehlender TypeLib Verweis _TestContentCommand - {DB538320-D3C5-433C-BCA9-C4081A054FCF} HKCR\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E}
Anwendungspfad Fehler 7zFM.exe - C:\Users\Melle mobil\Desktop\7-Zip\7zFM.exe HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\7zFM.exe
Uninstaller-Verweis Fehler "C:\Users\Melle mobil\Desktop\7-Zip\Uninstall.exe" HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
Fehlende MUI Beziehung C:\Users\Melle mobil\Desktop\7-Zip\7zG.exe.FriendlyAppName HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
Fehlende MUI Beziehung C:\Users\Melle mobil\Desktop\7-Zip\7zG.exe.ApplicationCompany HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
Fehlende MUI Beziehung C:\Users\Melle mobil\Desktop\7-Zip\7zFM.exe.FriendlyAppName HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
Fehlende MUI Beziehung C:\Users\Melle mobil\Desktop\7-Zip\7zFM.exe.ApplicationCompany HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
|
12.03.2015, 19:39
| #10 |
| /// the machine /// TB-Ausbilder | web.de account verschickt selbständig unerwünschte Links Finger weg von Registry Cleanern  ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu web.de account verschickt selbständig unerwünschte Links |
| anschluss, avast, email, folge, frage, gelöscht, google, hängen, laptop, link, links, löschen, malwarebytes, netzwerk, online, passwort, programme, prüfen, registry, seite, seiten, selbständig, tablet, tan, viren, überprüfung |
Linear-Darstellung
