Log analysis and evaluation: Windows 7 Windows Explorer keeps closing

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Hello,

I need help. When I open Windows Explorer and then select the "My Pictures" folder, Explorer closes. Until a few days ago, a message still appeared saying that it had stopped working and would therefore be closed. Now it simply closes. I cannot find a virus using Antivir. I ran Defogger; no log was created by this program. I am attaching the logs from FRST and GMER. I hope that someone can help me.

Best regards,
Tuuli
#2

/// TB Trainer

My name is Matthias and I will help you clean up your computer. Please note the following:

Please work through all steps one after another in the given order and post all log files in CODE tags:

Posting in CODE tags

Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:

Thank you for your cooperation! Please download
#3

Hello Matthias,

attached is the report from TDSSKiller.

Best regards,
Stefanie

Code:
```
14:40:33.0185 0x0314 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
14:40:40.0910 0x0314 ============================================================
14:40:40.0911 0x0314 Current date / time: 2015/05/30 14:40:40.0910
14:40:40.0911 0x0314 SystemInfo:
14:40:40.0911 0x0314
14:40:40.0911 0x0314 OS Version: 6.1.7601 ServicePack: 1.0
14:40:40.0911 0x0314 Product type: Workstation
14:40:40.0911 0x0314 ComputerName: STEFANIE-LAPTOP
14:40:40.0911 0x0314 UserName: Stefanie
14:40:40.0911 0x0314 Windows directory: C:\Windows
14:40:40.0911 0x0314 System windows directory: C:\Windows
14:40:40.0911 0x0314 Processor architecture: Intel x86
14:40:40.0911 0x0314 Number of processors: 2
14:40:40.0911 0x0314 Page size: 0x1000
14:40:40.0911 0x0314 Boot type: Normal boot
14:40:40.0911 0x0314 ============================================================
14:40:44.0135 0x0314 KLMD registered as C:\Windows\system32\drivers\35546876.sys
14:40:45.0314 0x0314 System UUID: {E916B1B8-5A7F-AF59-7631-3E5FDF9A89F5}
14:40:47.0363 0x0314 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:40:47.0370 0x0314 ============================================================
14:40:47.0370 0x0314 \Device\Harddisk0\DR0:
14:40:47.0370 0x0314 MBR partitions:
14:40:47.0370 0x0314 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x157C800, BlocksNum 0x11C53000
14:40:47.0370 0x0314 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x131CF800, BlocksNum 0x11C5E800
14:40:47.0370 0x0314 ============================================================
14:40:47.0502 0x0314 C: <-> \Device\Harddisk0\DR0\Partition1
14:40:47.0693 0x0314 D: <-> \Device\Harddisk0\DR0\Partition2
14:40:47.0694 0x0314 ============================================================
14:40:47.0694 0x0314 Initialize success
```
D483687EACE0C065EE772481A96E05F5, A22200E90C78DFE73FE0FBEED5331AB43CD7133651FD125595C4DB604AD71B29 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 14:42:48.0130 0x1414 iaStor - ok 14:42:48.0223 0x1414 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 14:42:48.0379 0x1414 iaStorV - ok 14:42:48.0411 0x1414 [ 61401BA4183BC171BA114FCE4981BB33, 8BBAAEB953447ED5CDE0E6FDA7F61DDF75BDB5BD3247AB8823BFBE9FB9C2FDCC ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys 14:42:48.0489 0x1414 iBtFltCoex - ok 14:42:48.0598 0x1414 [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 14:42:48.0879 0x1414 idsvc - ok 14:42:48.0941 0x1414 IEEtwCollectorService - ok 14:42:49.0050 0x1414 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 14:42:49.0097 0x1414 iirsp - ok 14:42:49.0159 0x1414 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll 14:42:49.0237 0x1414 IKEEXT - ok 14:42:49.0284 0x1414 [ 58FF11C95C3681C9250914521CB9F036, 21249A7F85FCCC5DF56F67C92D3964CFBD3E9855EABDD2148075200A86868372 ] int15 C:\Windows\system32\drivers\int15.sys 14:42:49.0331 0x1414 int15 - ok 14:42:49.0471 0x1414 [ F2BAA4FF548F7F0317F7638951C1CD9C, C5B35FCEE8AC7C3BE4D4F834A49A0B71A17E751AFB02DE84ECB9774AA49B2879 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys 14:42:49.0690 0x1414 IntcAzAudAddService - ok 14:42:49.0815 0x1414 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys 14:42:49.0908 0x1414 intelide - ok 14:42:49.0986 0x1414 [ 3B514D27BFC4ACCB4037BC6685F766E0, 
F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 14:42:50.0002 0x1414 intelppm - ok 14:42:50.0033 0x1414 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 14:42:50.0127 0x1414 IPBusEnum - ok 14:42:50.0158 0x1414 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:42:50.0283 0x1414 IpFilterDriver - ok 14:42:50.0376 0x1414 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 14:42:50.0454 0x1414 iphlpsvc - ok 14:42:50.0485 0x1414 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 14:42:50.0532 0x1414 IPMIDRV - ok 14:42:50.0641 0x1414 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 14:42:50.0829 0x1414 IPNAT - ok 14:42:50.0891 0x1414 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys 14:42:51.0063 0x1414 IRENUM - ok 14:42:51.0094 0x1414 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys 14:42:51.0141 0x1414 isapnp - ok 14:42:51.0187 0x1414 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 14:42:51.0203 0x1414 iScsiPrt - ok 14:42:51.0250 0x1414 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 14:42:51.0328 0x1414 
kbdclass - ok 14:42:51.0359 0x1414 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 14:42:51.0421 0x1414 kbdhid - ok 14:42:51.0468 0x1414 [ 1667D76FBF42B24B9DE3E8B0A7CF06BE, AB9FD4F7B007633FEC552D14932CDEB56DBCE56D152C0EDC91FAFD08E636AADC ] KeyIso C:\Windows\system32\lsass.exe 14:42:51.0484 0x1414 KeyIso - ok 14:42:51.0515 0x1414 [ 6DD2A1064DD8AFBED22E71176E2AF59B, 915F36860DAA72DA89E906A7F6F255A854A2A91EEA536A7C2EDB4A63250F66CC ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 14:42:51.0562 0x1414 KSecDD - ok 14:42:51.0609 0x1414 [ 76C0D35167B1369C68388FEDB56A3048, 2788962AB21DBB0A4D130AE5F822E9FDB96D7FF6320E2798714BF18BCB9CAE4F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 14:42:51.0733 0x1414 KSecPkg - ok 14:42:51.0796 0x1414 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll 14:42:51.0936 0x1414 KtmRm - ok 14:42:51.0967 0x1414 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\system32\srvsvc.dll 14:42:52.0014 0x1414 LanmanServer - ok 14:42:52.0061 0x1414 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 14:42:52.0108 0x1414 LanmanWorkstation - ok 14:42:52.0217 0x1414 [ 793FF718477345CD5D232C50BED1E452, 1D39CF9F10742C79FF99B9B4E0361EAEA63B4FC545C58B54B55537D18C802941 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe 14:42:52.0233 0x1414 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 ) 14:42:55.0275 0x1414 Detect skipped due to KSN trusted 14:42:55.0275 0x1414 LightScribeService - ok 14:42:55.0306 0x1414 [ F8A7212D0864EF5E9185FB95E6623F4D, 277EAA06BD3D1CB31E6CD7B9ECD3A4B7D4AB7A369DB5FFF04EC7D749DF26E3D2 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 
14:42:55.0337 0x1414 lirsgt - ok 14:42:55.0384 0x1414 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 14:42:55.0758 0x1414 lltdio - ok 14:42:55.0821 0x1414 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll 14:42:55.0930 0x1414 lltdsvc - ok 14:42:55.0945 0x1414 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll 14:42:56.0039 0x1414 lmhosts - ok 14:42:56.0070 0x1414 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 14:42:56.0179 0x1414 LSI_FC - ok 14:42:56.0242 0x1414 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 14:42:56.0289 0x1414 LSI_SAS - ok 14:42:56.0335 0x1414 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 14:42:56.0382 0x1414 LSI_SAS2 - ok 14:42:56.0413 0x1414 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 14:42:56.0429 0x1414 LSI_SCSI - ok 14:42:56.0445 0x1414 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys 14:42:56.0523 0x1414 luafv - ok 14:42:56.0616 0x1414 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 14:42:56.0632 0x1414 Mcx2Svc - ok 14:42:56.0694 0x1414 [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk 
C:\Windows\system32\DRIVERS\mdmxsdk.sys 14:42:56.0757 0x1414 mdmxsdk - ok 14:42:56.0803 0x1414 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 14:42:56.0835 0x1414 megasas - ok 14:42:56.0913 0x1414 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 14:42:56.0991 0x1414 MegaSR - ok 14:42:57.0115 0x1414 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe 14:42:57.0147 0x1414 Microsoft Office Groove Audit Service - ok 14:42:57.0178 0x1414 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll 14:42:57.0256 0x1414 MMCSS - ok 14:42:57.0303 0x1414 MobilityService - ok 14:42:57.0318 0x1414 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys 14:42:57.0365 0x1414 Modem - ok 14:42:57.0412 0x1414 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 14:42:57.0474 0x1414 monitor - ok 14:42:57.0521 0x1414 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 14:42:57.0568 0x1414 mouclass - ok 14:42:57.0615 0x1414 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 14:42:57.0677 0x1414 mouhid - ok 14:42:57.0724 0x1414 [ 644905A19D0F37F2233DFCE53BC4BC19, F52CB40AA0FD1EBF8CBF0F3BFB20C47142C637719840877FB93F10D085EB8C2B ] mountmgr 
C:\Windows\system32\drivers\mountmgr.sys 14:42:57.0739 0x1414 mountmgr - ok 14:42:57.0833 0x1414 [ DD370A8148862150BA81A3F5C56A1E40, F56B84297BDC32266CB69D10FB2D66B8B332D60CAB7E64E4E3AC2BB749BBD31B ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 14:42:57.0849 0x1414 MozillaMaintenance - ok 14:42:57.0895 0x1414 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys 14:42:57.0958 0x1414 mpio - ok 14:42:58.0020 0x1414 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 14:42:58.0098 0x1414 mpsdrv - ok 14:42:58.0176 0x1414 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll 14:42:58.0254 0x1414 MpsSvc - ok 14:42:58.0285 0x1414 [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 14:42:58.0363 0x1414 MRxDAV - ok 14:42:58.0395 0x1414 [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 14:42:58.0426 0x1414 mrxsmb - ok 14:42:58.0473 0x1414 [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:42:58.0551 0x1414 mrxsmb10 - ok 14:42:58.0597 0x1414 [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:42:58.0644 0x1414 mrxsmb20 - ok 14:42:58.0691 0x1414 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys 14:42:58.0707 0x1414 msahci - ok 14:42:58.0753 0x1414 [ 
55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys 14:42:58.0800 0x1414 msdsm - ok 14:42:58.0831 0x1414 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe 14:42:58.0925 0x1414 MSDTC - ok 14:42:58.0956 0x1414 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys 14:42:59.0003 0x1414 Msfs - ok 14:42:59.0019 0x1414 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 14:42:59.0097 0x1414 mshidkmdf - ok 14:42:59.0143 0x1414 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 14:42:59.0159 0x1414 msisadrv - ok 14:42:59.0206 0x1414 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll 14:42:59.0268 0x1414 MSiSCSI - ok 14:42:59.0284 0x1414 msiserver - ok 14:42:59.0315 0x1414 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 14:42:59.0393 0x1414 MSKSSRV - ok 14:42:59.0440 0x1414 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 14:42:59.0518 0x1414 MSPCLOCK - ok 14:42:59.0533 0x1414 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 14:42:59.0611 0x1414 MSPQM - ok 14:42:59.0674 0x1414 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC 
C:\Windows\system32\drivers\MsRPC.sys 14:42:59.0721 0x1414 MsRPC - ok 14:42:59.0783 0x1414 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 14:42:59.0799 0x1414 mssmbios - ok 14:42:59.0830 0x1414 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 14:42:59.0877 0x1414 MSTEE - ok 14:42:59.0939 0x1414 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 14:43:00.0001 0x1414 MTConfig - ok 14:43:00.0048 0x1414 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys 14:43:00.0095 0x1414 Mup - ok 14:43:00.0173 0x1414 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll 14:43:00.0235 0x1414 napagent - ok 14:43:00.0313 0x1414 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 14:43:00.0391 0x1414 NativeWifiP - ok 14:43:00.0438 0x1414 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\Windows\system32\drivers\ndis.sys 14:43:00.0501 0x1414 NDIS - ok 14:43:00.0547 0x1414 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 14:43:00.0735 0x1414 NdisCap - ok 14:43:00.0766 0x1414 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 14:43:00.0844 0x1414 NdisTapi - ok 14:43:00.0875 0x1414 [ D8A65DAFB3EB41CBB622745676FCD072, 
874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 14:43:00.0937 0x1414 Ndisuio - ok 14:43:00.0984 0x1414 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 14:43:01.0062 0x1414 NdisWan - ok 14:43:01.0093 0x1414 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 14:43:01.0156 0x1414 NDProxy - ok 14:43:01.0218 0x1414 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 14:43:01.0312 0x1414 NetBIOS - ok 14:43:01.0359 0x1414 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 14:43:01.0421 0x1414 NetBT - ok 14:43:01.0468 0x1414 [ 1667D76FBF42B24B9DE3E8B0A7CF06BE, AB9FD4F7B007633FEC552D14932CDEB56DBCE56D152C0EDC91FAFD08E636AADC ] Netlogon C:\Windows\system32\lsass.exe 14:43:01.0483 0x1414 Netlogon - ok 14:43:01.0561 0x1414 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll 14:43:01.0639 0x1414 Netman - ok 14:43:01.0702 0x1414 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 14:43:01.0764 0x1414 NetMsmqActivator - ok 14:43:01.0780 0x1414 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 14:43:01.0795 0x1414 NetPipeActivator - ok 14:43:01.0842 0x1414 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm 
C:\Windows\System32\netprofm.dll 14:43:01.0920 0x1414 netprofm - ok 14:43:01.0951 0x1414 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 14:43:01.0967 0x1414 NetTcpActivator - ok 14:43:01.0983 0x1414 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 14:43:01.0998 0x1414 NetTcpPortSharing - ok 14:43:02.0201 0x1414 [ 58218EC6B61B1169CF54AAB0D00F5FE2, B76ABB2AD78CE68D30F0F08563B0593D658298CDCF1B138B6E9FB0D64CBCC3C2 ] netw5v32 C:\Windows\system32\DRIVERS\netw5v32.sys 14:43:02.0419 0x1414 netw5v32 - ok 14:43:02.0497 0x1414 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 14:43:02.0529 0x1414 nfrd960 - ok 14:43:02.0560 0x1414 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\Windows\System32\nlasvc.dll 14:43:02.0685 0x1414 NlaSvc - ok 14:43:02.0716 0x1414 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys 14:43:02.0778 0x1414 Npfs - ok 14:43:02.0825 0x1414 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll 14:43:02.0934 0x1414 nsi - ok 14:43:02.0965 0x1414 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 14:43:03.0012 0x1414 nsiproxy - ok 14:43:03.0106 0x1414 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 14:43:03.0199 0x1414 Ntfs - ok 14:43:03.0402 0x1414 [ 
A2B6583A5652A385DFF5E4F49AD48761, 7214F722DE8EAEE9F33FF3AAE32AF14BEA8D1CE71680B813130D4AA41E8D32C8 ] NTIBackupSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe 14:43:03.0418 0x1414 NTIBackupSvc - detected UnsignedFile.Multi.Generic ( 1 ) 14:43:06.0101 0x1414 Detect skipped due to KSN trusted 14:43:06.0101 0x1414 NTIBackupSvc - ok 14:43:06.0179 0x1414 [ 2757D2BA59AEE155209E24942AB127C9, 60C8571D548901A68591F1C7C548B40FA1086D21D23B8CB1083A8AE50760FE87 ] NTIDrvr C:\Windows\system32\DRIVERS\NTIDrvr.sys 14:43:06.0241 0x1414 NTIDrvr - ok 14:43:06.0273 0x1414 [ 40B87FE8A1A9A5AC9E5A91D96F212BCD, 0C0BE4EF2999613B1559F9A709B31DB1E5EBB3336732A24D5C3E705461549E24 ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe 14:43:06.0273 0x1414 NTISchedulerSvc - detected UnsignedFile.Multi.Generic ( 1 ) 14:43:09.0018 0x1414 Detect skipped due to KSN trusted 14:43:09.0018 0x1414 NTISchedulerSvc - ok 14:43:09.0190 0x1414 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys 14:43:09.0346 0x1414 Null - ok 14:43:09.0377 0x1414 [ 07CA8C569E8D6231512E7E0C04543C99, B55AA7162C24F46403D82558FD9E58977AFFD209C2C8F9E1F83675D975EE154D ] nuvotonhidgeneric C:\Windows\system32\DRIVERS\nuvotonhidgeneric.sys 14:43:09.0455 0x1414 nuvotonhidgeneric - ok 14:43:09.0502 0x1414 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys 14:43:09.0533 0x1414 nvraid - ok 14:43:09.0564 0x1414 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys 14:43:09.0642 0x1414 nvstor - ok 14:43:09.0673 0x1414 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 14:43:09.0720 0x1414 nv_agp - ok 
14:43:09.0845 0x1414 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 14:43:09.0954 0x1414 odserv - ok 14:43:09.0985 0x1414 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 14:43:10.0032 0x1414 ohci1394 - ok 14:43:10.0095 0x1414 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:43:10.0141 0x1414 ose - ok 14:43:10.0204 0x1414 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 14:43:10.0251 0x1414 p2pimsvc - ok 14:43:10.0313 0x1414 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll 14:43:10.0360 0x1414 p2psvc - ok 14:43:10.0407 0x1414 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys 14:43:10.0469 0x1414 Parport - ok 14:43:10.0516 0x1414 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys 14:43:10.0563 0x1414 partmgr - ok 14:43:10.0578 0x1414 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 14:43:10.0641 0x1414 Parvdm - ok 14:43:10.0703 0x1414 [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc C:\Windows\System32\pcasvc.dll 14:43:10.0812 0x1414 PcaSvc - ok 14:43:10.0843 0x1414 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci 
C:\Windows\system32\drivers\pci.sys 14:43:10.0875 0x1414 pci - ok 14:43:10.0921 0x1414 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys 14:43:10.0968 0x1414 pciide - ok 14:43:11.0015 0x1414 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 14:43:11.0062 0x1414 pcmcia - ok 14:43:11.0093 0x1414 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys 14:43:11.0140 0x1414 pcw - ok 14:43:11.0249 0x1414 [ 20372BE109FEE1C37E2D5216680DB9EB, 2C3737FB3C6BCF81D0A7293667412DDEA649A8AEA40B7ADCFCB9893E8B3C4AF3 ] PDF Architect Helper Service C:\Program Files\PDF Architect\HelperService.exe 14:43:11.0343 0x1414 PDF Architect Helper Service - ok 14:43:11.0436 0x1414 [ B90A279073A815A4AA2C45A09EE004FA, 9EA27630C47F5FF99CBBE513C113F3ED01FABA0D59B9D9637764027BCC6EA24A ] PDF Architect Service C:\Program Files\PDF Architect\ConversionService.exe 14:43:11.0483 0x1414 PDF Architect Service - ok 14:43:11.0561 0x1414 [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 14:43:11.0701 0x1414 PEAUTH - ok 14:43:11.0826 0x1414 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll 14:43:12.0045 0x1414 pla - ok 14:43:12.0091 0x1414 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll 14:43:12.0154 0x1414 PlugPlay - ok 14:43:12.0185 0x1414 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 14:43:12.0216 0x1414 PNRPAutoReg - ok 14:43:12.0247 0x1414 [ 
14:43:15.0789 0x1414 [ 3FF45B7F17D5837216ABAE652CC61540, 33AF3C99247DD5779CF02AC7C2E170C31CCFAB0282D68AAB606CD6A3279B99E7 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
14:43:15.0820 0x1414 RegSrvc - detected UnsignedFile.Multi.Generic ( 1 )
14:43:18.0612 0x1414 Detect skipped due to KSN trusted
14:43:18.0612 0x1414 RegSrvc - ok
66177D4C99FD8B578C7C56DE445E4D5D, 003D0254D7C693A72DE84CB76858F8D67D9FD62206F1B56DF7F5D0FA834C3BA7 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 14:43:36.0942 0x1414 avgnt - ok 14:43:37.0098 0x1414 [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe 14:43:37.0270 0x1414 SDTray - ok 14:43:37.0317 0x1414 [ 260E2DB7DF95FCE6D6FABA8A1D5885FF, 143F326F6CA8FA56E3807D8FDF0B9675750321F4C3B7184B0D2FC754DCC34159 ] C:\Program Files\Avira\Launcher\Avira.OE.Systray.exe 14:43:37.0348 0x1414 Avira Systray - ok 14:43:37.0426 0x1414 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 14:43:37.0597 0x1414 Sidebar - ok 14:43:37.0629 0x1414 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 14:43:37.0707 0x1414 mctadmin - ok 14:43:37.0753 0x1414 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 14:43:37.0800 0x1414 Sidebar - ok 14:43:37.0800 0x1414 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 14:43:37.0831 0x1414 mctadmin - ok 14:43:37.0894 0x1414 [ 43D083268A0919F3527A2837390BAF63, 58B62697B01B8C9396271A64424178691FA85D4625DAF2AC8DE7F06A64F64C2A ] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe 14:43:37.0909 0x1414 ISUSPM - ok 14:43:38.0097 0x1414 [ B1949628130F192DA27FDBAEA516BB6E, 13E5A2EBF0FDAB29CEA1E7FAEB3141233198D9A28353BDBB6FDB03602BE32AC6 ] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe 14:43:38.0424 0x1414 Spybot-S&D Cleaning - ok 14:43:38.0424 0x1414 Waiting for KSN requests completion. In queue: 163 14:43:39.0438 0x1414 Waiting for KSN requests completion. 
In queue: 163 14:43:40.0452 0x1414 Waiting for KSN requests completion. In queue: 163 14:43:41.0575 0x1414 AV detected via SS2: Avira Antivirus, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 15.0.10.414 ), 0x41000 ( enabled : updated ) 14:43:41.0575 0x1414 Win FW state via NFP2: enabled 14:43:44.0305 0x1414 ============================================================ 14:43:44.0305 0x1414 Scan finished 14:43:44.0305 0x1414 ============================================================ 14:43:44.0305 0x0ac8 Detected object count: 0 14:43:44.0305 0x0ac8 Actual detected object count: 0 |
| #4 |
| Here is the GMER log file as well, posted in a code tag. Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2015-05-29 20:29:46 Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.11.0 298,09GB Running: Gmer-19357.exe; Driver: C:\Users\Stefanie\AppData\Local\Temp\fglyruog.sys ---- System - GMER 2.1 ---- SSDT 91C88586 ZwCreateSection SSDT 91C8855E ZwCreateSymbolicLinkObject SSDT 91C88563 ZwLoadDriver SSDT 91C88559 ZwOpenSection SSDT 91C88590 ZwRequestWaitReplyPort SSDT 91C8858B ZwSetContextThread SSDT 91C88595 ZwSetSecurityObject SSDT 91C88568 ZwSetSystemInformation SSDT 91C8859A ZwSystemDebugControl SSDT 91C88527 ZwTerminateProcess SSDT 91C88522 ZwWriteVirtualMemory ---- Kernel code sections - GMER 2.1 ---- .text ntkrnlpa.exe!ZwRequestPort + 14AD 8348FBB5 1 Byte [06] .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 834C9B92 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} .text ntkrnlpa.exe!KeRemoveQueueEx + 11F7 834D10BC 4 Bytes [86, 85, C8, 91] .text ntkrnlpa.exe!KeRemoveQueueEx + 11FF 834D10C4 4 Bytes [5E, 85, C8, 91] {POP ESI; TEST EAX, ECX; XCHG ECX, EAX} .text ntkrnlpa.exe!KeRemoveQueueEx + 1313 834D11D8 4 Bytes [63, 85, C8, 91] .text ntkrnlpa.exe!KeRemoveQueueEx + 13AF 834D1274 4 Bytes [59, 85, C8, 91] {POP ECX; TEST EAX, ECX; XCHG ECX, EAX} .text ntkrnlpa.exe!KeRemoveQueueEx + 1553 834D1418 4 Bytes [90, 85, C8, 91] {NOP ; TEST EAX, ECX; XCHG ECX, EAX} .text ... 
.text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x91E07000, 0x2BFBF0, 0xE8000020] .text C:\Windows\system32\drivers\ACEDRV05.sys section is writeable [0x91001000, 0x30A4A, 0xE8000020] .pklstb C:\Windows\system32\drivers\ACEDRV05.sys entry point in ".pklstb" section [0x91043000] .relo2 C:\Windows\system32\drivers\ACEDRV05.sys unknown last section [0x9105E000, 0x8E, 0x42000040] .reloc C:\Windows\system32\drivers\acedrv11.sys section is executable [0xA162F580, 0x29E04, 0xE0000060] .text C:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0xA165A300, 0x3B6D8, 0xE8000020] .text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0xA16B1300, 0x1BEE, 0xE8000020] .text C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl section is writeable [0xA17AE000, 0x2892, 0xE8000020] .vmp2 C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl entry point in ".vmp2" section [0xA17D1050] .text C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl section is writeable [0xA17AE000, 0x2892, 0xE8000020] .vmp2 C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl entry point in ".vmp2" section [0xA17D1050] ---- Devices - GMER 2.1 ---- AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys ---- Registry - GMER 2.1 ---- Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v2.0.50727/mscorwks.dll Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v2.0.50727/mscorwks.dll@\Device\HarddiskVolume2\Program Files\Acer\Empowering Technology\Service\ETService.exe 0xDC 0x7A 0xBC 0x5B ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v2.0.50727/mscorwks.dll@\Device\HarddiskVolume2\Acer\Mobility Center\MobilityService.exe 0x41 0x33 0x69 0x6A ... 
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v2.0.50727/mscorwks.dll@\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 0xEF 0x0F 0xBD 0x59 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v2.0.50727/mscorwks.dll@\Device\HarddiskVolume2\Windows\System32\sdiagnhost.exe 0xF9 0x21 0x97 0xB8 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v2.0.50727/mscorwks.dll@\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe 0xA5 0xF4 0xCB 0xA9 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v2.0.50727/mscorwks.dll@\Device\HarddiskVolume2\Windows\Temp\RunBoot-Temp_.f2bcf8ad-06d3-42ac-bbae-daf440e4a738\MatsBoot.exe 0x1D 0xB9 0xA7 0x21 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v2.0.50727/mscorwks.dll@\Device\HarddiskVolume2\Windows\System32\mmc.exe 0x83 0xF2 0xA8 0xC1 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v2.0.50727/mscorwks.dll@\Device\HarddiskVolume2\Program Files\Windows Sidebar\sidebar.exe 0x75 0xBB 0x12 0xD9 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v2.0.50727/mscorwks.dll@\Device\HarddiskVolume2\Windows\ehome\ehshell.exe 0x55 0x8F 0x61 0x13 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v2.0.50727/mscorwks.dll@\Device\HarddiskVolume2\Windows\ehome\ehrec.exe 0xA7 0x83 0xC5 0x22 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v2.0.50727/mscorwks.dll@\Device\HarddiskVolume2\Windows\ehome\mcupdate.exe 0xD1 0x57 0x11 0xD8 ... 
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v2.0.50727/mscorwks.dll@\Device\HarddiskVolume2\Windows\ehome\mcGlidHost.exe 0xF4 0xDB 0x1E 0x27 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v2.0.50727/mscorwks.dll@\Device\HarddiskVolume2\Users\Stefanie\Downloads\FRST.exe 0x45 0x1A 0x64 0x73 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v4.0.30319/clr.dll Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v4.0.30319/clr.dll@\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 0x70 0x95 0xC6 0x59 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v4.0.30319/clr.dll@\Device\HarddiskVolume2\Windows\System32\CompatTel\wicainventory.exe 0x63 0x9F 0xDF 0x8A ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v4.0.30319/clr.dll@\Device\HarddiskVolume2\Windows\System32\rundll32.exe 0xC5 0xEA 0xBA 0x95 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v4.0.30319/clr.dll@\Device\HarddiskVolume2\Users\Stefanie\AppData\Local\Temp\DMR\dmr_72.exe 0xBF 0x50 0x05 0xBD ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v4.0.30319/clr.dll@\Device\HarddiskVolume2\Program Files\Avira\Launcher\Avira.ServiceHost.exe 0x47 0xDD 0x25 0x7F ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v4.0.30319/clr.dll@\Device\HarddiskVolume2\Program Files\Avira\Launcher\Avira.OE.Systray.exe 0x50 0x9D 0x18 0xA1 ... 
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v4.0.30319/clr.dll@\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe 0x59 0x6C 0x18 0x94 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v4.0.30319/clr.dll@\Device\HarddiskVolume2\Windows\System32\msiexec.exe 0x38 0x24 0x8C 0xE2 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v4.0.30319/clr.dll@\Device\HarddiskVolume2\Users\Stefanie\Downloads\OTL.exe 0xB2 0x0F 0x49 0xE8 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\Module\Microsoft.NET/Framework/v4.0.30319/clr.dll@\Device\HarddiskVolume2\Users\Stefanie\Downloads\FRST.exe 0x47 0x8A 0x06 0x7D ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active@6DDADBEF 3653 Reg HKLM\SOFTWARE\Microsoft\Windows Search\UsnNotifier\Windows\Catalogs\SystemIndex@{DB3C0A5E-8B65-11DE-9BCC-806E6F6E6963} 8417330160 ---- Disk sectors - GMER 2.1 ---- Disk \Device\Harddisk0\DR0 unknown MBR code ---- EOF - GMER 2.1 ---- Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-05-2015 01 Ran by Stefanie (administrator) on STEFANIE-LAPTOP on 29-05-2015 20:07:12 Running from C:\Users\Stefanie\Downloads Loaded Profiles: Stefanie (Available Profiles: Stefanie) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe () C:\Program Files\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe () C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe (Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe () C:\Program Files\Acer\Empowering Technology\Service\ETService.exe () C:\Program Files\Re-markit Corp\Re-markit_wd.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Safer-Networking Ltd.) 
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Acer Incorporated) C:\Acer\Mobility Center\MobilityService.exe (NewTech InfoSystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe () C:\Windows\System32\PSIService.exe (Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.OE.Systray.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [728312 2015-04-16] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) 
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\Launcher\Avira.OE.Systray.exe [127792 2015-04-21] (Avira Operations GmbH & Co. KG) Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X] HKU\S-1-5-21-1929016561-3404761482-1178114853-1000\...\Run: [ISUSPM] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [218032 2006-09-11] (Macrovision Corporation) HKU\S-1-5-21-1929016561-3404761482-1178114853-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.) HKU\S-1-5-21-1929016561-3404761482-1178114853-1000\...\MountPoints2: G - G:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-1929016561-3404761482-1178114853-1000\...\MountPoints2: {069be16b-caaf-11e1-9596-001060d01ead} - G:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-1929016561-3404761482-1178114853-1000\...\MountPoints2: {069be17b-caaf-11e1-9596-001060d01ead} - G:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-1929016561-3404761482-1178114853-1000\...\MountPoints2: {1d2cec57-102f-11e4-b19f-001060d01ead} - G:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-1929016561-3404761482-1178114853-1000\...\MountPoints2: {ae7cdf7f-f617-11e2-8390-001060d01ead} - G:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-1929016561-3404761482-1178114853-1000\...\MountPoints2: {f7ca3e6d-e1e0-11de-a333-806e6f6e6963} - E:\AUTORUN.EXE HKU\S-1-5-21-1929016561-3404761482-1178114853-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [2008-07-29] (Egis Inc.) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1396716744&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WX10E690422704227 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1396716744&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WX10E690422704227&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1396716744&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WX10E690422704227 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396716744&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WX10E690422704227&q={searchTerms} HKU\S-1-5-21-1929016561-3404761482-1178114853-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKU\S-1-5-21-1929016561-3404761482-1178114853-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1396716744&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WX10E690422704227 SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKU\S-1-5-21-1929016561-3404761482-1178114853-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE346 SearchScopes: HKU\S-1-5-21-1929016561-3404761482-1178114853-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1929016561-3404761482-1178114853-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE346 BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-05-31] (RealPlayer) BHO: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH) BHO: No Name -> {4bf43efd-34be-a3c0-61c8-9ad4974fc954} -> No File BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation) BHO: ShowBarObj Class -> {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} -> C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-07-29] (Egis) BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18] (Microsoft Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation) Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-07-29] (Egis Incorporated.) 
Toolbar: HKLM - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll [2013-04-08] (pdfforge GmbH) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.) Toolbar: HKU\S-1-5-21-1929016561-3404761482-1178114853-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.) Toolbar: HKU\S-1-5-21-1929016561-3404761482-1178114853-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1396716744&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WX10E690422704227 FireFox: ======== FF ProfilePath: C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\tupo2acu.default FF DefaultSearchUrl: hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search= FF SearchEngineOrder.1: Ask.com FF SelectedSearchEngine: webssearches FF Homepage: about:home FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-20] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2010-10-22] (Adobe Systems, Inc.) 
FF Plugin: @digitalpublishing.de/dpLaunch -> C:\Program Files\digital publishing\LAUNCHER_12_999999\nplaunch.dll [2012-03-13] (digital publishing AG) FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2012-05-31] (RealNetworks, Inc.) FF Plugin: @real.com/nprjplug;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll [2012-05-31] (RealNetworks, Inc.) FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-05-31] (RealNetworks, Inc.) FF Plugin: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-05-31] (RealNetworks, Inc.) 
FF Plugin: @real.com/nprpplugin;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2012-05-31] (RealPlayer) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1929016561-3404761482-1178114853-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2012-10-23] (Ubisoft) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2012-05-31] (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2012-04-04] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2012-04-04] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2012-04-04] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2012-04-04] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2012-04-04] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2012-04-04] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2012-04-04] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2012-05-31] (RealNetworks, Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2012-05-31] (RealPlayer) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npstrlnk.dll [2010-07-20] ( ) FF SearchPlugin: C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\tupo2acu.default\searchplugins\avira-safesearch.xml [2014-04-06] FF SearchPlugin: C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\tupo2acu.default\searchplugins\google-images.xml [2015-05-01] FF SearchPlugin: C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\tupo2acu.default\searchplugins\google-maps.xml [2015-05-01] FF Extension: Avira Browser Safety - C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\tupo2acu.default\Extensions\abs@avira.com [2015-05-29] FF Extension: Microsoft .NET Framework Assistant - C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\tupo2acu.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-05-03] FF Extension: PAYBACK Toolbar - C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\tupo2acu.default\Extensions\toolbar-ff@payback.de.xpi [2011-06-22] FF Extension: Adblock Plus - C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\tupo2acu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-14] FF Extension: LoudMo Contextual Ad Assistant - C:\Program Files\Mozilla Firefox\extensions\{b5b17ab4-6e99-e194-e8a3-d864469fbc46} [2010-01-24] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-13] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-24] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation 
Foundation\DotNetAssistantExtension [2009-09-26] FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-31] FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-08-06] FF HKLM\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\tupo2acu.default\extensions\quick_start@gmail.com FF HKU\S-1-5-21-1929016561-3404761482-1178114853-1000\...\Firefox\Extensions: [{c1f9049a-3290-4967-9a3d-448f242ce94c}] - C:\Program Files\Re-markit Corp\158.xpi Chrome: ======= CHR Profile: C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-05-31] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ALDITALKVerbindungsassistent_Service; C:\Program Files\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [342984 2011-09-13] () S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-04-16] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [434424 2015-04-16] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-16] (Avira Operations GmbH & Co. 
KG) S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-04-16] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [205616 2015-04-21] (Avira Operations GmbH & Co. KG) R2 BUNAgentSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [16384 2008-03-03] (NewTech Infosystems, Inc.) [File not signed] R2 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [69632 2008-10-04] () [File not signed] R2 DiagTrack; C:\Windows\system32\diagtrack.dll [851456 2015-04-27] (Microsoft Corporation) R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2009-08-13] () [File not signed] R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [860160 2008-10-16] (Intel(R) Corporation) [File not signed] R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed] R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [122880 2009-06-16] (Acer Incorporated) [File not signed] R2 NTIBackupSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [45056 2008-04-25] (NewTech InfoSystems, Inc.) [File not signed] R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-25] () [File not signed] R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] () R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-10-16] (Intel(R) Corporation) [File not signed] R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) 
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ACEDRV05; C:\Windows\system32\drivers\ACEDRV05.sys [97792 2010-01-26] (Protect Software GmbH) [File not signed] R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [295432 2010-01-20] (Protect Software GmbH) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2010-01-25] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107400 2015-04-16] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2015-04-16] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-04-16] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [37896 2015-03-04] (Avira Operations GmbH & Co. 
KG) S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-13] (CSR, plc) S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [225280 2011-07-19] (Intel Corporation) S3 BVRPMPR5; C:\Windows\system32\drivers\BVRPMPR5.SYS [49904 2008-09-09] (Avanquest Software) [File not signed] R3 hidshim; C:\Windows\System32\DRIVERS\hidshim.sys [5632 2009-07-21] (Windows (R) Win 7 DDK provider) S3 iBtFltCoex; C:\Windows\System32\DRIVERS\iBtFltCoex.sys [47104 2011-07-20] (Intel Corporation) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2010-01-25] () R3 nuvotonhidgeneric; C:\Windows\System32\DRIVERS\nuvotonhidgeneric.sys [22528 2009-07-21] (Nuvoton Technology Corporation) S3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [159776 2009-06-24] (Realtek Semiconductor Corp.) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH) S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [15872 2009-07-14] (Microsoft Corporation) R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl [87536 2010-03-13] (CyberLink Corp.) R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [87536 2008-10-17] (CyberLink Corp.) S3 cleanhlp; \??\C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [X] S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 RTSTOR; system32\drivers\RTSTOR.SYS [X] U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-05-29 14:16 - 2015-05-29 14:19 - 00070121 _____ () C:\Users\Stefanie\Downloads\Addition.txt 2015-05-29 14:16 - 2015-05-29 14:16 - 00380416 _____ () C:\Users\Stefanie\Downloads\Gmer-19357.exe 2015-05-29 14:15 - 2015-05-29 20:07 - 00024178 _____ () C:\Users\Stefanie\Downloads\FRST.txt 2015-05-29 14:15 - 2015-05-29 20:07 - 00000000 ____D () C:\FRST 2015-05-29 14:15 - 2015-05-29 14:15 - 01147392 _____ (Farbar) C:\Users\Stefanie\Downloads\FRST.exe 2015-05-29 14:14 - 2015-05-29 20:05 - 00000478 _____ () C:\Users\Stefanie\Downloads\defogger_disable.log 2015-05-29 14:14 - 2015-05-29 14:14 - 00000000 _____ () C:\Users\Stefanie\defogger_reenable 2015-05-29 14:13 - 2015-05-29 14:13 - 00050477 _____ () C:\Users\Stefanie\Downloads\Defogger.exe 2015-05-29 13:58 - 2015-05-29 13:58 - 00602112 _____ (OldTimer Tools) C:\Users\Stefanie\Downloads\OTL.exe 2015-05-25 10:37 - 2015-05-25 10:41 - 00000000 ____D () C:\Users\Stefanie\AppData\Local\elfopatch 2015-05-23 17:30 - 2015-05-29 20:00 - 00116952 _____ () C:\Windows\setupact.log 2015-05-23 17:30 - 2015-05-23 17:30 - 00000000 _____ () C:\Windows\setuperr.log 2015-05-23 17:29 - 2015-05-29 20:00 - 00001822 _____ () C:\Windows\PFRO.log 2015-05-22 16:14 - 2015-05-22 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dm-Fotowelt 2015-05-22 16:11 - 2015-05-22 16:11 - 00000000 ____D () C:\Program Files\dm 2015-05-22 16:10 - 2015-05-22 16:11 - 01627112 _____ () C:\Users\Stefanie\Downloads\setup_dm_Fotowelt.exe 2015-05-22 15:31 - 2015-05-22 15:31 - 00000000 ____D () C:\Users\Stefanie\restore 2015-05-20 12:05 - 2015-05-20 12:05 - 01124544 _____ (Adobe Systems Incorporated) C:\Users\Stefanie\Downloads\flashplayer17au_ha_install.exe 2015-05-19 11:01 - 2015-05-19 11:17 - 00000000 ____D () C:\Users\Stefanie\Opel-Zoo 2015-05-15 19:24 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-05-15 19:01 - 2015-05-05 03:12 - 00248832 _____ (Microsoft 
Corporation) C:\Windows\system32\schannel.dll 2015-05-15 19:01 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-05-15 19:01 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-05-15 19:01 - 2015-04-21 18:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-05-15 19:01 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-05-15 19:01 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-05-15 19:01 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-05-15 19:01 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-05-15 19:01 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-05-15 19:01 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-05-15 19:01 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-05-15 19:01 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-05-15 19:01 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-05-15 19:01 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-05-15 19:01 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-05-15 19:01 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-05-15 19:01 - 2015-04-21 17:58 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-05-15 19:01 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-05-15 19:01 - 2015-04-21 17:51 - 00667648 _____ (Microsoft 
Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-05-15 19:01 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-05-15 19:01 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-05-15 19:01 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-05-15 19:01 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-05-15 19:01 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-05-15 19:01 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-05-15 19:01 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-05-15 19:01 - 2015-04-21 17:26 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-05-15 19:01 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-05-15 19:01 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-05-15 19:01 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-05-15 19:01 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-05-15 19:01 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-05-15 19:01 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-05-15 19:01 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-05-15 19:01 - 2015-04-20 04:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-05-15 19:01 - 2015-04-20 04:03 - 02382336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-05-15 19:01 - 2015-04-18 04:56 - 00342016 _____ 
(Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-05-15 19:01 - 2015-04-13 05:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe 2015-05-15 19:01 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-05-15 19:01 - 2015-04-08 05:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2015-05-15 19:01 - 2014-12-11 19:47 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-05-15 19:01 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-05-10 11:02 - 2013-10-02 01:45 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2015-05-10 11:01 - 2013-10-02 02:42 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2015-05-10 11:01 - 2013-10-02 02:32 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2015-05-10 11:01 - 2013-10-02 02:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2015-05-10 11:01 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2015-05-10 11:01 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2015-05-10 11:01 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2015-05-10 11:01 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2015-05-10 11:01 - 2013-10-02 00:53 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2015-05-10 11:01 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2015-05-10 10:59 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2015-05-10 10:59 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 
2015-05-10 10:59 - 2015-04-27 21:11 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-05-10 10:59 - 2015-04-27 21:11 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-05-10 10:59 - 2015-04-27 21:08 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-05-10 10:59 - 2015-04-27 21:05 - 00851456 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2015-05-10 10:59 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-05-10 10:59 - 2015-04-27 21:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-05-10 10:59 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-05-10 10:59 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-05-10 10:59 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-05-10 10:59 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll 2015-05-10 10:59 - 2015-04-27 21:04 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-05-10 10:59 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-05-10 10:59 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-05-10 10:59 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe 2015-05-10 10:59 - 2015-04-27 21:04 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-05-10 10:59 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe 2015-05-10 10:59 - 2015-04-27 21:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-05-10 10:59 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe 2015-05-10 10:59 - 2015-04-27 
20:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-05-10 10:59 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2015-05-10 10:59 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll 2015-05-10 10:59 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll 2015-05-10 10:59 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll 2015-05-10 10:59 - 2015-03-04 06:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll 2015-05-10 10:59 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe 2015-05-10 10:59 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll 2015-05-10 10:58 - 2015-04-27 21:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-05-10 10:58 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-05-10 10:58 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-05-10 10:58 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-05-10 10:58 - 2015-04-27 21:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-05-10 10:58 - 2015-04-27 21:04 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-05-10 10:58 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe 2015-05-10 10:58 - 2015-04-27 21:04 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-05-10 10:58 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-05-10 10:58 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-05-10 10:58 - 2015-04-27 21:03 - 00017408 _____ (Microsoft 
Corporation) C:\Windows\system32\diskperf.exe 2015-05-10 10:58 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-05-10 10:58 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-05-10 10:58 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-05-10 10:58 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-05-10 10:57 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2015-05-10 10:28 - 2015-05-10 10:28 - 00001173 _____ () C:\Users\Public\Desktop\Avira.lnk 2015-05-10 10:27 - 2015-05-10 10:27 - 00347816 _____ (Microsoft Corporation) C:\Users\Stefanie\Downloads\MicrosoftFixit.wu.Run.exe 2015-05-10 10:26 - 2015-05-25 10:38 - 00000000 ____D () C:\ProgramData\Package Cache 2015-05-10 10:26 - 2015-05-10 10:26 - 04734040 _____ (Avira Operations GmbH & Co. KG) C:\Users\Stefanie\Downloads\avira_de_av_554f160a47658__ws.exe 2015-05-04 11:13 - 2006-09-18 23:41 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.20150504-111313.backup 2015-05-01 19:16 - 2006-09-18 23:41 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.20150501-191623.backup 2015-05-01 19:14 - 2006-09-18 23:41 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.20150501-191453.backup 2015-05-01 16:28 - 2015-05-01 16:28 - 44167360 _____ (Microsoft Corporation) C:\Users\Stefanie\Downloads\Windows-KB890830-V5.23.exe 2015-05-01 16:06 - 2015-05-01 19:01 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2015-05-01 16:06 - 2015-05-01 16:09 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2 2015-05-01 16:06 - 2015-05-01 16:06 - 00002139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2015-05-01 16:06 - 2015-05-01 16:06 - 00002127 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2015-05-01 16:06 - 
2015-05-01 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2015-05-01 16:06 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe 2015-05-01 16:05 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\system32\dhRichClient3.dll 2015-05-01 16:05 - 2011-03-25 20:42 - 00338432 _____ () C:\Windows\system32\sqlite36_engine.dll 2015-05-01 16:04 - 2015-05-01 16:04 - 01203488 _____ () C:\Users\Stefanie\Downloads\SpyBot Search Destroy - CHIP-Installer.exe 2015-05-01 15:52 - 2015-05-29 20:00 - 00000476 _____ () C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job 2015-05-01 15:52 - 2015-05-24 18:00 - 00000450 _____ () C:\Windows\Tasks\ParetoLogic Registration3.job 2015-05-01 15:52 - 2015-05-04 11:07 - 00000424 _____ () C:\Windows\Tasks\ParetoLogic Update Version3.job 2015-05-01 15:52 - 2015-05-01 15:52 - 00000000 ____D () C:\Users\Stefanie\AppData\Roaming\ParetoLogic 2015-05-01 15:52 - 2015-05-01 15:52 - 00000000 ____D () C:\Users\Stefanie\AppData\Roaming\DriverCure 2015-05-01 15:51 - 2015-05-01 16:02 - 00000000 ____D () C:\ProgramData\ParetoLogic 2015-05-01 15:51 - 2015-05-01 15:51 - 05813872 _____ (ParetoLogic Inc.) C:\Users\Stefanie\Downloads\ParetoLogic PC Health Advisor_de.exe 2015-05-01 15:51 - 2015-05-01 15:51 - 00000000 ____D () C:\Program Files\Common Files\ParetoLogic 2015-05-01 15:48 - 2015-05-01 15:48 - 00000000 ____D () C:\Users\Stefanie\Thorsten Handy ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-05-29 20:00 - 2014-04-05 18:52 - 00002764 _____ () C:\Windows\Tasks\74d52b3c-be80-4a90-bd6c-4b7266540f32-3.job 2015-05-29 20:00 - 2014-04-05 18:52 - 00002328 _____ () C:\Windows\Tasks\74d52b3c-be80-4a90-bd6c-4b7266540f32-4.job 2015-05-29 20:00 - 2014-04-05 18:52 - 00001424 _____ () C:\Windows\Tasks\74d52b3c-be80-4a90-bd6c-4b7266540f32-5.job 2015-05-29 20:00 - 2014-04-05 18:52 - 00001322 _____ () C:\Windows\Tasks\74d52b3c-be80-4a90-bd6c-4b7266540f32-1.job 2015-05-29 20:00 - 2014-04-05 18:52 - 00001320 _____ () C:\Windows\Tasks\74d52b3c-be80-4a90-bd6c-4b7266540f32-2.job 2015-05-29 20:00 - 2014-04-05 18:52 - 00000374 _____ () C:\Windows\Tasks\Re-markit Update.job 2015-05-29 20:00 - 2014-04-05 18:52 - 00000372 _____ () C:\Windows\Tasks\Re-markit_wd.job 2015-05-29 20:00 - 2010-02-16 19:05 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-29 20:00 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-29 20:00 - 2009-01-22 20:14 - 00000147 _____ () C:\Windows\system32\agent.log 2015-05-29 14:19 - 2009-12-05 23:35 - 01152735 _____ () C:\Windows\WindowsUpdate.log 2015-05-29 14:15 - 2013-10-10 07:30 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-05-29 14:14 - 2009-12-05 23:02 - 00000000 ____D () C:\Users\Stefanie 2015-05-29 13:54 - 2010-02-16 19:05 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-29 13:22 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF 2015-05-29 12:56 - 2009-12-05 23:01 - 00019440 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-05-29 12:56 - 2009-12-05 23:01 - 00019440 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-05-26 18:56 - 2012-05-28 19:26 - 00000000 ____D () C:\Users\Stefanie\Steuererklärung 2015-05-26 18:37 - 2012-05-05 21:15 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-05-25 12:39 
- 2009-11-26 10:46 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird 2015-05-25 12:17 - 2012-05-05 21:49 - 00000000 ____D () C:\Users\Stefanie\PV-Anlage 2015-05-25 10:45 - 2012-06-09 09:24 - 00000000 ____D () C:\Program Files\ElsterFormular 2015-05-25 10:42 - 2012-06-09 09:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular 2015-05-22 17:24 - 2009-12-05 23:43 - 01649492 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-05-22 16:19 - 2014-04-05 17:52 - 00000000 ____D () C:\Users\Stefanie\AppData\Local\CrashDumps 2015-05-22 16:19 - 2012-08-10 16:17 - 00000000 ____D () C:\ProgramData\tmp 2015-05-22 15:57 - 2012-08-10 16:17 - 00000000 ____D () C:\ProgramData\hps 2015-05-22 15:14 - 2009-10-10 22:04 - 00000000 ____D () C:\Users\Stefanie\AppData\Local\Corel 2015-05-22 15:13 - 2009-10-04 14:20 - 00000000 ____D () C:\Users\Stefanie\Documents\My PSP Files 2015-05-20 20:30 - 2013-05-19 19:56 - 00000000 ____D () C:\Windows\rescache 2015-05-20 12:54 - 2015-04-05 20:18 - 00000000 ___SD () C:\Windows\system32\GWX 2015-05-20 12:06 - 2014-10-17 12:56 - 00000000 ____D () C:\Users\Stefanie\AppData\Local\Adobe 2015-05-20 12:05 - 2012-03-30 17:07 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-05-20 12:05 - 2011-05-18 08:11 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-05-19 11:20 - 2009-11-26 11:12 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-05-16 10:57 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2015-05-16 10:24 - 2009-07-14 06:33 - 00433448 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-05-16 10:23 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE 2015-05-16 10:22 - 2012-10-28 11:38 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2015-05-15 19:24 - 2009-01-22 20:17 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-05-15 19:23 - 2013-07-26 19:25 - 00000000 ____D () 
C:\Windows\system32\MRT 2015-05-15 19:16 - 2009-12-17 20:41 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-05-15 19:14 - 2009-07-14 10:56 - 00000000 ____D () C:\Program Files\Windows Journal 2015-05-15 19:13 - 2012-10-28 11:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-05-10 11:10 - 2014-04-11 13:46 - 00000000 ____D () C:\Program Files\Alien Skin 2015-05-10 11:07 - 2009-07-14 04:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-05-10 11:03 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\system32\Drivers\de-DE 2015-05-10 11:03 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers 2015-05-10 10:33 - 2014-05-09 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-05-10 10:26 - 2012-10-17 08:41 - 00000000 ____D () C:\ProgramData\Avira 2015-05-10 10:26 - 2012-10-17 08:41 - 00000000 ____D () C:\Program Files\Avira 2015-05-04 11:12 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public 2015-05-01 17:49 - 2013-11-30 20:57 - 00000000 ____D () C:\Users\Stefanie\AppData\Roaming\GlarySoft ==================== Files in the root of some directories ======= 2011-11-12 14:23 - 2011-11-12 14:52 - 0000391 _____ () C:\Users\Stefanie\AppData\Roaming\prefsdb.dat 2009-12-08 13:59 - 2009-12-08 13:59 - 0000000 _____ () C:\Users\Stefanie\AppData\Roaming\wklnhst.dat 2011-12-20 20:47 - 2013-03-24 19:35 - 0015360 _____ () C:\Users\Stefanie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2009-12-26 19:09 - 2009-12-26 19:09 - 0000096 _____ () C:\Users\Stefanie\AppData\Local\fusioncache.dat 2014-04-05 19:54 - 2014-04-05 19:54 - 1176896 _____ (AnyProtect.com) C:\Users\Stefanie\AppData\Local\nso625F.tmp 2010-10-09 19:47 - 2010-10-09 19:47 - 0007605 _____ () C:\Users\Stefanie\AppData\Local\Resmon.ResmonCfg 2010-03-21 12:24 - 2010-03-21 12:35 - 0000168 __RSH () C:\ProgramData\3FFED20C6C.sys 2012-04-13 
18:26 - 2012-04-13 18:26 - 0000057 _____ () C:\ProgramData\Ament.ini 2010-09-05 22:00 - 2010-09-05 22:00 - 0000056 ____H () C:\ProgramData\ezsidmv.dat 2010-03-21 12:24 - 2010-03-21 12:35 - 0005642 ___SH () C:\ProgramData\KGyGaAvL.sys Files to move or delete: ==================== C:\Users\Stefanie\Powador-monitorSetup.exe Some files in TEMP: ==================== C:\Users\Stefanie\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-24 20:43 ==================== End of log ============================ |
| #5 |
/// TB-Ausbilder | Windows 7 Windows Explorer keeps closing Hi, scan with Combofix
|
| #6 |
| Windows 7 Windows Explorer keeps closing Hello Matthias, after Combofix finished the scan, I get the following warning: Unable to create a backup of the current registry file C:\ Windows\ System32\config\SOFTWARE ! Continue restoration of this file? Yes or no? Best regards, Tuuli |