| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows Update? Aero Design weg - bei mir auchWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
24.07.2015, 12:21
| #1 |
| |  Windows Update? Aero Design weg - bei mir auch Hallo, ich habe das gleiche Problem wie der Kollege (http://www.trojaner-board.de/168960-...esign-weg.html) Habe nun, wie in seinem Problem beschrieben FRST installiert und den Scan laufen lassen: Kann mir diesbezüglich jemand helfen? Danke vorab. Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by Basti (administrator) on BASTI-PC on 24-07-2015 12:41:05
Running from C:\Users\Basti\Downloads
Loaded Profiles: Basti (Available Profiles: Basti)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Basti\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\CompatTel\wicainventory.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\Windows-KB890830-x64-V5.26.exe
(Microsoft Corporation) C:\c8e7715dc16f0ad006\mrtstub.exe
(Microsoft Corporation) C:\Windows\System32\MRT.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
(Farbar) C:\Users\Basti\Downloads\FRST64 (1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8098848 2009-09-04] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2009-10-30] (Acer Incorporated)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1297112 2014-12-09] (COMODO)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-06-11] (Cisco Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3967129415-799815695-785154672-1001\...\Run: [GoogleChromeAutoLaunch_63D8154278637FAC558C6DCA49B059DF] => C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe [813896 2015-07-14] (Google Inc.)
HKU\S-1-5-21-3967129415-799815695-785154672-1001\...\Run: [Spotify Web Helper] => C:\Users\Basti\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2008632 2015-07-13] (Spotify Ltd)
HKU\S-1-5-21-3967129415-799815695-785154672-1001\...\Run: [Google Update] => C:\Users\Basti\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-20] (Google Inc.)
HKU\S-1-5-18\...\Run: [Copy] => "C:\Users\Basti\AppData\Roaming\Copy\CopyAgent.exe"
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-02] (Microsoft Corporation)
Lsa: [Notification Packages] C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64
ShellIconOverlayIdentifiers: [1aCopyShExtError] -> {83BEA36E-7680-4598-A4DF-994426F6E78D} => C:\Users\Basti\AppData\Roaming\Copy\overlay\CopyShExt.dll No File
ShellIconOverlayIdentifiers: [2aCopyShExtSynced] -> {845B7388-6F85-4F32-9FD5-F02DC7882B89} => C:\Users\Basti\AppData\Roaming\Copy\overlay\CopyShExt.dll No File
ShellIconOverlayIdentifiers: [3aCopyShExtSyncing] -> {F6378A7A-F753-449B-AE1B-997A96132E61} => C:\Users\Basti\AppData\Roaming\Copy\overlay\CopyShExt.dll No File
ShellIconOverlayIdentifiers: [4aCopyShExtSyncingProg1] -> {3A511828-777D-46F8-82F4-5B530C1B3D9E} => C:\Users\Basti\AppData\Roaming\Copy\overlay\CopyShExt.dll No File
ShellIconOverlayIdentifiers: [5aCopyShExtSyncingProg2] -> {C8C88204-5B14-40EC-BA72-8AEBC762047E} => C:\Users\Basti\AppData\Roaming\Copy\overlay\CopyShExt.dll No File
ShellIconOverlayIdentifiers: [6aCopyShExtSyncingProg3] -> {ACFF45C3-3EEB-4351-86C2-6696BA264239} => C:\Users\Basti\AppData\Roaming\Copy\overlay\CopyShExt.dll No File
ShellIconOverlayIdentifiers: [7aCopyShExtSyncingProg4] -> {29AF997F-488B-46F0-AE78-7146F1B89CC3} => C:\Users\Basti\AppData\Roaming\Copy\overlay\CopyShExt.dll No File
ShellIconOverlayIdentifiers: [8aCopyShExtSyncingProg5] -> {03F9AD29-1C78-4B66-8890-B177B5430C53} => C:\Users\Basti\AppData\Roaming\Copy\overlay\CopyShExt.dll No File
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-10] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-09-10] (Egis Technology Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3967129415-799815695-785154672-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5935&r=273604114815l04d4z115t48k2x285
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-30] (Oracle Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4B6CADAD-60B3-4557-AEAC-DCDA78E734BA}: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\0kr1n4gz.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-19] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-19] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-12-27] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-09-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3967129415-799815695-785154672-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Basti\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3967129415-799815695-785154672-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Basti\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3967129415-799815695-785154672-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Basti\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Extension: No Name - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\0kr1n4gz.default\Extensions\groovesharkUnlocker@overlord1337.xpi [2013-05-29]
FF Extension: No Name - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\0kr1n4gz.default\Extensions\yt.fm@ashishdubey.info.xpi [2013-06-06]
FF Extension: No Name - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\0kr1n4gz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-09]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-12-01]
Chrome:
=======
CHR HomePage: Default -> hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=ecfd496a-38c5-109b-1e68-93ccab8d7321&searchtype=hp&fr=linkury-tb&installDate={installDate}&type=hp1000
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t
CHR DefaultSuggestURL: Default -> hxxp://suggestqueries.google.com/complete/search?q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Users\Basti\AppData\Local\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Basti\AppData\Local\Google\Chrome\Application\39.0.2171.71\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Basti\AppData\Local\Google\Chrome\Application\39.0.2171.71\pdf.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Basti\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Google Update) - C:\Users\Basti\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Profile: C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Unfriend Notify for Facebook) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahigpjeolkfgjdaeodlmaceggigbpeoh [2014-01-12]
CHR Extension: (Google Docs) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-20]
CHR Extension: (Google Drive) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-20]
CHR Extension: (YouTube) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-21]
CHR Extension: (Google Search) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-21]
CHR Extension: (Grooveshark Germany unlocker) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejcnhmeicafddjdaeecddemnhnomiaai [2013-09-27]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-04-21]
CHR Extension: (Last.fm Scrobbler) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhinaapppaileiechjoiifaancjggfjm [2015-06-15]
CHR Extension: (WEB.DE MailCheck) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo [2014-08-12]
CHR Extension: (Soundcloud Scrobbler) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpeffoigdfgjdbbijlaaodoicejjbpcg [2013-10-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Skype Click to Call) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-09-20]
CHR Extension: (Grooveshark Unlock for Germany) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkdjagkphafkafpalkhpnlmeihajppkb [2013-11-07]
CHR Extension: (Google Wallet) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-21]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]
StartMenuInternet: Google Chrome.SRGNKSL2YBWGG66RISZCRL5KNE - C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Locked "BFE" service could not be unlocked. <===== ATTENTION
U3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-10] (Adobe Systems) [File not signed]
U2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [7618952 2014-12-09] (COMODO)
U3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265304 2014-12-09] (COMODO)
U2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [788000 2009-10-30] (Acer Incorporated)
U2 IGBASVC; C:\Program Files (x86)\Acer Bio Protection\BASVC.exe [3450368 2009-09-05] (Egis Technology Inc.) [File not signed]
U3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
U3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
U2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
U2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
U2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated) [File not signed]
U2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20184 2014-12-09] (COMODO)
U1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [792648 2014-12-09] (COMODO)
U1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45880 2014-12-09] (COMODO)
U1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [104608 2014-12-09] (COMODO)
U3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
U3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-06-11] (Cisco Systems, Inc.)
U5 BFE; <===== ATTENTION Locked Service
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-24 12:41 - 2015-07-24 13:02 - 00022810 _____ C:\Users\Basti\Downloads\FRST.txt
2015-07-24 12:40 - 2015-07-24 12:41 - 00000000 ____D C:\FRST
2015-07-24 12:31 - 2015-07-24 12:32 - 02135552 _____ (Farbar) C:\Users\Basti\Downloads\FRST64.exe
2015-07-24 12:31 - 2015-07-24 12:32 - 02135552 _____ (Farbar) C:\Users\Basti\Downloads\FRST64 (1).exe
2015-07-24 12:21 - 2015-07-24 12:21 - 00000000 ____D C:\c8e7715dc16f0ad006
2015-07-21 15:01 - 2015-07-21 15:01 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 15:01 - 2015-07-21 15:01 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 15:01 - 2015-07-21 15:01 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 15:01 - 2015-07-21 15:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 15:01 - 2015-07-21 15:01 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 15:01 - 2015-07-21 15:01 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 15:01 - 2015-07-21 15:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 15:01 - 2015-07-21 15:01 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 15:01 - 2015-07-21 15:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 15:01 - 2015-07-21 15:01 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 01:38 - 2015-07-21 01:38 - 00017948 _____ C:\Users\Basti\Desktop\450 chellange.xlsx
2015-07-15 10:40 - 2015-07-15 10:40 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 10:40 - 2015-07-15 10:40 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 10:39 - 2015-07-15 10:39 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 10:39 - 2015-07-15 10:39 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 10:39 - 2015-07-15 10:39 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 10:39 - 2015-07-15 10:39 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 10:39 - 2015-07-15 10:39 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 10:39 - 2015-07-15 10:39 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 10:39 - 2015-07-15 10:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 10:39 - 2015-07-15 10:39 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 10:39 - 2015-07-15 10:39 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 10:39 - 2015-07-15 10:39 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 10:39 - 2015-07-15 10:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 10:39 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 10:39 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 10:39 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 10:38 - 2015-07-15 10:38 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 10:38 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 10:37 - 2015-07-15 10:37 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 10:37 - 2015-07-15 10:37 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 10:37 - 2015-07-15 10:37 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 10:37 - 2015-07-15 10:37 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 10:37 - 2015-07-15 10:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 10:37 - 2015-07-15 10:37 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 10:37 - 2015-07-15 10:37 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 10:37 - 2015-07-15 10:37 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 10:37 - 2015-07-15 10:37 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 10:37 - 2015-07-15 10:37 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 10:37 - 2015-07-15 10:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 10:37 - 2015-07-15 10:37 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 10:37 - 2015-07-15 10:37 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-10 20:08 - 2015-07-10 20:08 - 00023235 _____ C:\Users\Basti\Downloads\Springerling-Blattplanung_124S.xlsx
2015-07-10 20:08 - 2015-07-10 20:08 - 00023235 _____ C:\Users\Basti\Downloads\Springerling-Blattplanung_124S (2).xlsx
2015-07-10 20:08 - 2015-07-10 20:08 - 00023235 _____ C:\Users\Basti\Downloads\Springerling-Blattplanung_124S (1).xlsx
2015-07-09 16:15 - 2015-07-09 16:15 - 07527963 _____ C:\Users\Basti\Downloads\wetransfer-77a5a6.zip
2015-07-04 13:47 - 2015-07-04 13:47 - 00146802 _____ C:\Users\Basti\Downloads\Motorjournalismus.xlsx
2015-07-03 17:07 - 2015-07-03 17:22 - 00091136 _____ C:\Users\Basti\Downloads\Zeitnachweis 2014_Praktikum.xls
2015-07-03 17:07 - 2015-07-03 17:07 - 00110080 _____ C:\Users\Basti\Downloads\02_Zeitnachweis 2014_Studenten (Mo-So) (2).xls
2015-07-03 14:26 - 2015-07-14 14:27 - 00003852 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1435926358
2015-07-03 14:26 - 2015-07-03 14:26 - 00001133 _____ C:\Users\Public\Desktop\Opera 30.lnk
2015-07-03 14:26 - 2015-07-03 14:26 - 00001133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 30.lnk
2015-07-03 14:26 - 2015-07-03 14:26 - 00000000 ____D C:\Users\Basti\AppData\Local\Opera Software
2015-07-03 14:25 - 2015-07-03 14:25 - 00000000 ____D C:\Users\Basti\AppData\Roaming\Opera Software
2015-06-30 21:29 - 2015-06-30 21:32 - 00000000 ____D C:\Users\Basti\Documents\Olivia
2015-06-30 21:29 - 2015-06-30 21:29 - 00001744 _____ C:\Users\Basti\Desktop\Olivia - Verknüpfung.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-24 13:04 - 2013-10-28 20:33 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2015-07-24 13:02 - 2014-04-28 18:48 - 00156294 _____ C:\Windows\system32\Drivers\fvstore.dat
2015-07-24 12:32 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-24 12:32 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-24 12:28 - 2011-09-19 20:58 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001UA.job
2015-07-24 12:28 - 2011-04-05 16:45 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-24 12:27 - 2013-10-17 15:16 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-24 12:26 - 2011-11-01 22:10 - 00001138 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001UA.job
2015-07-24 12:22 - 2013-10-17 14:13 - 00000000 ____D C:\Windows\system32\MRT
2015-07-24 12:21 - 2013-10-17 14:13 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-24 12:06 - 2013-10-15 16:17 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec9b145a0b813.job
2015-07-24 12:06 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-24 12:04 - 2009-07-14 06:51 - 00188606 _____ C:\Windows\setupact.log
2015-07-23 12:50 - 2010-11-17 16:56 - 00798686 _____ C:\Windows\system32\perfh007.dat
2015-07-23 12:50 - 2010-11-17 16:56 - 00203174 _____ C:\Windows\system32\perfc007.dat
2015-07-23 12:50 - 2009-07-14 07:13 - 01775472 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-23 10:28 - 2011-09-19 20:58 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001Core.job
2015-07-22 23:32 - 2013-01-13 03:21 - 00000000 ____D C:\Users\Basti\AppData\Roaming\Spotify
2015-07-22 18:27 - 2011-10-23 14:17 - 00000000 ____D C:\Users\Basti\Documents\OpenTTD
2015-07-22 10:35 - 2013-10-17 15:33 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-22 10:20 - 2013-01-13 03:21 - 00000000 ____D C:\Users\Basti\AppData\Local\Spotify
2015-07-22 10:12 - 2009-07-14 06:45 - 00479720 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-20 01:03 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-17 09:26 - 2011-11-01 22:10 - 00001116 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001Core.job
2015-07-16 19:27 - 2015-04-09 10:20 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-16 19:27 - 2015-04-09 10:20 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-16 19:27 - 2014-12-13 13:28 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 19:27 - 2014-05-06 11:08 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-16 19:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-16 10:47 - 2010-11-10 15:17 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-16 10:23 - 2014-01-07 11:19 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cec9b145a0b813
2015-07-16 10:23 - 2011-09-19 20:58 - 00004090 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001UA
2015-07-16 10:23 - 2011-09-19 20:58 - 00003694 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001Core
2015-07-16 10:23 - 2011-04-05 16:45 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-14 22:25 - 2011-09-19 21:00 - 00002360 _____ C:\Users\Basti\Desktop\Google Chrome.lnk
2015-07-14 14:27 - 2011-04-14 22:49 - 00000000 ____D C:\Program Files (x86)\Opera
2015-07-13 12:21 - 2012-06-16 10:37 - 00000000 ____D C:\Users\Basti\Documents\01 Uni
2015-07-13 11:57 - 2011-04-05 21:49 - 00000000 ____D C:\Users\Basti\AppData\Roaming\Skype
2015-07-13 11:28 - 2011-04-05 21:49 - 00000000 ____D C:\ProgramData\Skype
2015-07-01 13:10 - 2014-07-12 14:19 - 00000000 ____D C:\Users\Basti\AppData\Roaming\vlc
==================== Files in the root of some directories =======
2014-05-08 19:56 - 2014-05-08 20:06 - 6103040 _____ () C:\Program Files (x86)\GUT2A31.tmp
2010-11-10 15:09 - 2009-02-10 22:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2015-03-10 01:32 - 2015-03-10 01:32 - 0003584 _____ () C:\Users\Basti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-12-28 19:07 - 2011-12-28 19:07 - 0004096 ____H () C:\Users\Basti\AppData\Local\keyfile3.drm
2010-11-17 08:24 - 2010-11-17 08:26 - 0008417 _____ () C:\ProgramData\ArcadeDeluxe3.log
2011-04-05 21:56 - 2011-04-05 21:56 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-11-10 15:09 - 2009-07-18 04:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
2012-11-22 19:38 - 2012-11-22 20:43 - 0004122 _____ () C:\ProgramData\hpzinstall.log
2013-10-08 23:35 - 2013-10-09 01:25 - 0000000 _____ () C:\ProgramData\hwid7tt.ctrl
2013-10-08 23:35 - 2013-10-09 01:25 - 95025368 ____T () C:\ProgramData\hwid7tt.pff
Files to move or delete:
====================
C:\ProgramData\hwid7tt.ctrl
C:\ProgramData\hwid7tt.pff
Some files in TEMP:
====================
C:\Users\Basti\AppData\Local\Temp\ABP_InstallChecker.exe
C:\Users\Basti\AppData\Local\Temp\ABP_TB0001.exe
C:\Users\Basti\AppData\Local\Temp\AskSLib.dll
C:\Users\Basti\AppData\Local\Temp\DivXWebPlayerInstaller.exe
C:\Users\Basti\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbjwz6v.dll
C:\Users\Basti\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Basti\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Basti\AppData\Local\Temp\iTunesPluginWinSetup_3.0.4.0.exe
C:\Users\Basti\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Basti\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Basti\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Basti\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Basti\AppData\Local\Temp\Last.fm-2.1.32.exe
C:\Users\Basti\AppData\Local\Temp\Offer100.exe
C:\Users\Basti\AppData\Local\Temp\ose00002.exe
C:\Users\Basti\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Basti\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Basti\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Basti\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Basti\AppData\Local\Temp\wmpfirefoxplugin.exe
C:\Users\Basti\AppData\Local\Temp\WmpPluginSetup_2.1.0.6.exe
C:\Users\Basti\AppData\Local\Temp\{28C2AE83-0CDF-4C54-A3EB-49F648C98865}-31.0.1650.57_30.0.1599.101_chrome_updater.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-06 15:06
==================== End of log ============================
|
|
24.07.2015, 12:22
| #2 |
| | Windows Update? Aero Design weg - bei mir auch [CODE]Additional
__________________FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by Basti at 2015-07-24 13:06:59
Running from C:\Users\Basti\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3967129415-799815695-785154672-500 - Administrator - Disabled)
Basti (S-1-5-21-3967129415-799815695-785154672-1001 - Administrator - Enabled) => C:\Users\Basti
Gast (S-1-5-21-3967129415-799815695-785154672-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.7029 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.7029 - CyberLink Corp.) Hidden
Acer Arcade Instant On (x32 Version: 3.0.20.1 - Acer) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.1.29 - NewTech Infosystems)
Acer Bio Protection (HKLM-x32\...\InstallShield_{E09664BB-BB08-45FA-87D1-33EAB0E017F5}) (Version: 6.2.56 - Egis Technology Inc.)
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.5.3 - Suyin Optronics Corp)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.06.3007 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.9.0715 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3000 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Premiere Pro 2.0 (HKLM-x32\...\Adobe Premiere Pro 2.0) (Version: 2.000.000 - Adobe Systems, Inc.)
Adobe Reader X (10.1.8) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Airline Tycoon Evolution (HKLM-x32\...\{16E43D5F-5296-4D53-B303-9D951AFE510F}) (Version: - )
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Backup Manager Advance (x32 Version: 2.0.1.29 - NewTech Infosystems) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BRAINYOO (HKLM-x32\...\BRAINYOO) (Version: - BRAINYOO Ltd.)
Bridge Building Game (HKLM-x32\...\Bridge Building Game) (Version: - )
Broadcom Gigabit Integrated Controller (HKLM\...\{49F3D04B-B849-4C89-AB31-2366A004EA28}) (Version: 12.24.01 - Broadcom Corporation)
CDex extraction audio (HKLM-x32\...\CDex) (Version: - )
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05170 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05170 - Cisco Systems, Inc.) Hidden
COMODO Internet Security (HKLM\...\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}) (Version: 4.1.19277.920 - COMODO Group Inc.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
Dolphin Futures XPS Viewer version 1.1.0 (HKLM-x32\...\{75480068-162F-4D6B-B38E-76606A4E5320}_is1) (Version: 1.1.0 - Dolphin Futures Limited)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media)
Dropbox (HKU\S-1-5-21-3967129415-799815695-785154672-1001\...\Dropbox) (Version: 2.6.2 - Dropbox, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.13992 - Landesfinanzdirektion Thüringen)
ElsterFormular-Upgrade (HKLM-x32\...\ElsterFormular für Privatanwender 12.2.0.6412p) (Version: 15.1.13904 - )
ENE CIR Receiver Driver (HKLM\...\5F4DD0919B4763856B77AD385DEEEFCDF01784A8) (Version: 2.7.3.519 - ENE)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fingerprint Solution (x32 Version: 6.1.20.0 - Ihr Firmenname) Hidden
Fingerprint Solution (x32 Version: 6.1.56.0 - Egis Technology Inc.) Hidden
Free Alarm Clock 2.7.0 (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 2.7 - Comfort Software Group)
Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.9.35.324 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: - DVDVideoSoft Limited.)
Google Chrome (HKU\S-1-5-21-3967129415-799815695-785154672-1001\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
GTA2 (HKLM-x32\...\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}) (Version: 1.00.001 - )
ICQ7.5 (HKLM-x32\...\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}) (Version: 7.5 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
IndustrieGigant 2 (HKLM-x32\...\{8D914DD2-F3CE-44E4-9498-E7EED093281C}_is1) (Version: - UIG GmbH)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
iTunes (HKLM\...\{A535111D-95C8-487F-869E-CE4C239972D2}) (Version: 11.1.1.11 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Last.fm Scrobbler 2.1.32 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm)
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.04 - Acer Inc.)
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version: - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.285.6 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 34.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0 (x86 de)) (Version: 34.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.4 - NVIDIA Corporation)
OpenTTD 1.1.3 (HKLM-x32\...\OpenTTD) (Version: 1.1.3 - OpenTTD)
Opera 12.02 (HKLM-x32\...\Opera 12.02.1578) (Version: 12.02.1578 - Opera Software ASA)
Opera Stable 30.0.1835.125 (HKLM-x32\...\Opera 30.0.1835.125) (Version: 30.0.1835.125 - Opera Software)
pdfsam (HKLM-x32\...\pdfsam) (Version: 2.2.1 - )
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5932 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3967129415-799815695-785154672-1001\...\Spotify) (Version: 1.0.9.133.gcedaee38 - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Transport Tycoon Deluxe (HKLM-x32\...\ft_Transport Tycoon Deluxe) (Version: - )
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR 4.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Yahoo Community Smartbar (HKLM-x32\...\{D7403121-68C2-48BC-874D-048015E60DF0}) (Version: 10.179.66.13636 - Linkury Inc.) <==== ATTENTION
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Basti\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Basti\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Basti\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Basti\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Basti\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Basti\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Basti\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Basti\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Basti\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
Could not list restore points
Check "winmgmt" service or repair WMI.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {06BA3993-0599-46CF-B412-A2AAB23579AC} - System32\Tasks\GoogleUpdateTaskMachineCore1cec9b145a0b813 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {141C692F-5858-49F2-8EF9-07B83EB44719} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001Core => C:\Users\Basti\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {1ABDFDD4-8287-4EC9-8F22-A2E88B503934} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {395061C2-063F-483B-8ED4-34DF807A07EB} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)
Task: {3A55A695-EB1B-48C7-BCAB-E44CF60EFB74} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {3F595DBB-BB30-4D50-8857-8A3B74A32887} - System32\Tasks\{34A4B7D0-2878-416A-A9F4-3B414A058DD1} => pcalua.exe -a C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\0kr1n4gz.default\extensions\DivXWebPlayer@divx.com\DivXWebPlayerInstaller.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {437099FC-DEEC-4A0E-9DE1-EAA7B4E3E75B} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)
Task: {54FA914D-43C6-431D-A53C-B0A201466DAA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001UA => C:\Users\Basti\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {634CD0F9-F039-4C33-BB30-1A75780FC3A9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {74FB408D-E1B5-4120-8A96-F12BE502DD44} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-12-09] (COMODO)
Task: {99543C22-4508-46A8-9AB8-E15657BB4CF5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001Core => C:\Users\Basti\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-18] (Facebook Inc.)
Task: {A9B7999A-D778-4A6F-B6CF-4DD590B76C3A} - System32\Tasks\Opera scheduled Autoupdate 1435926358 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-14] (Opera Software)
Task: {AF981828-2B0D-445D-B8E9-526E2A14D1A8} - System32\Tasks\{3E8E0646-8ABB-457B-82D9-134166BF1321} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2015-06-02] (Skype Technologies S.A.)
Task: {C36770EC-BA3A-43E0-836D-D387D9FF6F39} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001UA => C:\Users\Basti\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-18] (Facebook Inc.)
Task: {CFD92F53-81E8-4E19-95AF-84F867599387} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-19] (Adobe Systems Incorporated)
Task: {D59F6A47-E97B-4284-B595-94BE68D730E6} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)
Task: {E4F0B2A2-7652-42F8-A890-F19769269DB6} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001Core.job => C:\Users\Basti\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001UA.job => C:\Users\Basti\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec9b145a0b813.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001Core.job => C:\Users\Basti\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001UA.job => C:\Users\Basti\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2008-05-26 12:24 - 2008-05-26 12:24 - 00103424 _____ () C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64.DLL
2013-11-04 20:57 - 2013-04-15 19:39 - 00073424 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2014-06-11 05:34 - 2014-06-11 05:34 - 00063400 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-02-03 03:33 - 2009-02-03 03:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 03:55 - 2008-09-29 03:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2015-07-14 22:25 - 2015-07-13 23:55 - 01281864 _____ () C:\Users\Basti\AppData\Local\Google\Chrome\Application\43.0.2357.134\libglesv2.dll
2015-07-14 22:25 - 2015-07-13 23:55 - 00080712 _____ () C:\Users\Basti\AppData\Local\Google\Chrome\Application\43.0.2357.134\libegl.dll
2015-07-14 22:25 - 2015-07-13 23:55 - 16308040 _____ () C:\Users\Basti\AppData\Local\Google\Chrome\Application\43.0.2357.134\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepdu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clfs.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID
AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jnwmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\aaclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\apphelp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atmfd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atmlib.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\certcli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dciman32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\fontsub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\java.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\javaw.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\javaws.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\lpk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msctf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ncsi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nlaapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ole32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sdbinst.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\shimeng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\cng.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\http.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID
AlternateDataStreams: C:\Users\Basti\Downloads\02_Zeitnachweis 2014_Studenten (Mo-So) (2).xls:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\1435076404913.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\1436191598742.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\1436191647384.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\1437566068702.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\15250905317_68897d677c_z.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\176255__urbaneguerilla__wolfbane-poem.wav:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\20141217131535176.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\20141217131551919.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\20141217131609691.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\270class06.zip:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\AdwCleaner09.exe:$CmdTcID
AlternateDataStreams: C:\Users\Basti\Downloads\AdwCleaner09.exe:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\audacity-win-2.0.6.exe:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Bewerbung_SebastianOehmigen_P7.docx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Compareandcontrast_SebastianOehmigen_edited.docx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\documents-export-2015-01-15.zip:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\empiri-arbeit.odt:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\FCF7.tmp:$CmdTcID
AlternateDataStreams: C:\Users\Basti\Downloads\Final Project.docx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\FreeStudio_CB-DL-Manager.exe:$CmdTcID
AlternateDataStreams: C:\Users\Basti\Downloads\FreeStudio_CB-DL-Manager.exe:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\FRST64 (1).exe:$CmdTcID
AlternateDataStreams: C:\Users\Basti\Downloads\FRST64 (1).exe:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\FRST64.exe:$CmdTcID
AlternateDataStreams: C:\Users\Basti\Downloads\FRST64.exe:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\FXEQ.zip:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Group Project.docx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\ha-dmanagement.odt:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\image (15).jpeg:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\IMG_1448.JPG:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\IMG_1646.JPG:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\IMG_1647.JPG:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\IMG_1659.JPG:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Imma (1).PDF:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Imma.PDF:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\jxpiinstall.exe:$CmdTcID
AlternateDataStreams: C:\Users\Basti\Downloads\jxpiinstall.exe:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Karteninhaber_Reklamation089284.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Klangrainer - Die Taube hinkt.zip:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Klausurfragen-Kolb-1.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Klausurfragen-und-AW-Kolb-1.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\L3 - Theory of Public Relations.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Lame_v3.99.3_for_Windows.exe:$CmdTcID
AlternateDataStreams: C:\Users\Basti\Downloads\Lame_v3.99.3_for_Windows.exe:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\MARK-365-Public-Relations-outline-2014.docx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Media-Blackout_korrigiert.docx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Motorjournalismus.xlsx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\oliviameyer_mediengestalterbewerbung2014.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Peer Evaluation Form.docx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Policy #9464959 - Int'l Student Basic Policy.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Policy #9464959 - Wallet Card.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Pruefungsleistungen_be03543ad9-e92a-486a-967a-6718a6ffdce7.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Pruefungsleistungen_be3d427fc7-449b-4b3c-87d5-c91fe1200c99.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Rahmenbedingungen_Allgemeines.docx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\sebastianoehmigenArbeitszeugnisBILD.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\sebastianoehmigen_lebenslauf (1).pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\SNBC_CaseStudy_SebastianOehmigen_editiert.docx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Sound-Effects-Pack_semikorrigiert.docx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\SpotifySetup (2).exe:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Springerling-Blattplanung_124S (1).xlsx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Springerling-Blattplanung_124S (2).xlsx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Springerling-Blattplanung_124S.xlsx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\SPRINGERLING_2015_BUCH-korrektur.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Virtual-Boy-Promotional-TV-Commercial.avi:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\VIU PR Plan (4).pptx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\VR_PPT.pptx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Werkstudent B2B-Agents.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\wetransfer-77a5a6.zip:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Wired Presentation.pptx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Zeitnachweis 2014_Praktikum.xls:$CmdZnID
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3967129415-799815695-785154672-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: )
mpsdrv Firewall Service is not running.
MpsSvc Firewall Service is not running.
bfe Firewall Service is not running.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk => C:\Windows\pss\Acer VCM.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Basti^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Basti^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Basti^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ArcadeDeluxeAgent => "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\Basti\AppData\Local\Smartbar\Application\Smartbar.exe startup
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EgisTecLiveUpdate => "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
MSCONFIG\startupreg: Facebook Update => "C:\Users\Basti\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: FreeAC => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe -autorun
MSCONFIG\startupreg: Global Registration => "C:\Program Files (x86)\Acer\Registration\GREG.exe" BOOT
MSCONFIG\startupreg: Google Update => "C:\Users\Basti\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ7.5\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe
MSCONFIG\startupreg: mcagent_exe => C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe /runkey
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
MSCONFIG\startupreg: PlayMovie => "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
MSCONFIG\startupreg: PLFSetI => C:\Windows\PLFSetI.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Basti\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Basti\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: VitaKeyPdtWzd => "C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{EC98E393-63AE-44CB-B756-BCC9707A7AC3}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MNA\McNaSvc.exe
FirewallRules: [{591D9F6C-753C-452A-8F2F-401EC8BB96F1}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{1AC2EC5C-7D33-4C46-8B07-B4F1FD76788B}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{E7D3B33F-3267-47EA-BAD3-DD2550CB6FB7}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{1E0DC670-5CE4-490A-9C71-6E62B3D2ABF8}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{6DDC6DF0-7968-4B3C-89B4-A34CCA075212}] => (Allow) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
FirewallRules: [{BD2698D3-29D8-4F61-ABA9-DA641056E032}] => (Allow) C:\Program Files (x86)\Acer\Acer VCM\VC.exe
FirewallRules: [{24405112-D314-4BA8-A4B7-3BF95B296717}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{984DA66F-DA00-421F-B3CB-373A1BB5775C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{14D42A10-301A-40EC-9DB9-97F88801A683}] => (Allow) svchost.exe
FirewallRules: [{8777C6B9-DFB9-442E-A490-FB8CAAC6E6E5}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{2E627FF4-76DF-439A-9B98-9F1C1FE5ABB4}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe
FirewallRules: [{C69B57AF-5EE4-4520-A232-4CA01FE5CEB1}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe
FirewallRules: [{4D311FE1-FF59-4C4B-B296-EC9F9A39B1E2}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
FirewallRules: [{7C98623F-EF72-44AB-853D-A3BF26D0FB48}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe
FirewallRules: [{003260B9-B836-4E53-B368-392D23CC7EB1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{17C6EC9F-5663-43B4-9FE3-A19B15F7DA0A}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{3D909085-D49E-4F1D-B300-103471E8665E}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{69166368-1AEB-4A03-9D60-155170870BA0}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe
FirewallRules: [{6D972633-F4EE-454E-AE94-28C6A44FC00E}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe
FirewallRules: [{20663C9E-B25F-4984-AFA2-DAEA00D308F9}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe
FirewallRules: [{F6ECD439-72CF-48BA-8983-E11C6703508A}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe
FirewallRules: [{F1FF7C95-5198-459E-9A39-0F85B37BCEC5}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{A04087A4-3FF0-4EB5-8273-BBB7913A516A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{563449C5-DEFF-42D1-8E3E-0B9BA045AFA1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5C57C8CE-04C4-406B-BDFF-22593406AAA5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{20DFC553-EDE2-4D7D-9A3B-13EC0F36F506}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7EA2E383-8A53-4BCE-854D-568BE4490E16}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{66C587D0-650B-4AD3-B68B-4D04914CF036}] => (Allow) %USERPROFILE%\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{DB2DE400-68DF-40CD-B117-15A9DE5C1A72}] => (Allow) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{FC1D87C6-4571-4268-AF4C-7717DDBE4AB1}] => (Allow) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{CF3F6D2B-4596-47B7-BA39-39258821775A}] => (Allow) C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
FirewallRules: [{B2BEE773-D474-4034-962D-7D897CB542D1}] => (Allow) C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
FirewallRules: [{15515B73-0B84-415A-A7D5-41B9D527B65B}] => (Allow) C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
FirewallRules: [{B9F00F3D-48DA-4155-A7DE-706BD00507E5}] => (Allow) C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
FirewallRules: [{C1125C0F-138A-4D25-BD67-0113B971CEE4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{295AF7BB-DEF3-434C-8D54-924C29B8C06D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8F5CA664-6EA9-4BDF-996C-D6E1EF8EA113}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B967DB39-FC27-4613-9B4E-9CDA6876A8C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DC79014F-7EE4-4AD3-B033-6A1A5B4C597C}] => (Allow) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{F102AE90-3B92-4149-877F-1E94356DAE33}] => (Allow) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{DDCC8766-7791-4D54-93D1-614380BC88E8}] => (Allow) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{B86C820F-A0F3-4219-8CD6-44205F6F351F}] => (Allow) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{8F40B2BE-82F6-45DB-8F0C-9C92768278AB}C:\users\basti\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\basti\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{DF060C30-77BB-4C29-868C-C7560AAF3CF9}C:\users\basti\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\basti\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0F0C3F19-26FF-4F84-A979-BBA99C153D29}] => (Allow) C:\Users\Basti\AppData\Roaming\Copy\CopyAgent.exe
FirewallRules: [TCP Query User{065F06AA-F43C-4097-AED3-ADAC4216CB1E}C:\users\basti\appdata\roaming\copy\copyagent.exe] => (Allow) C:\users\basti\appdata\roaming\copy\copyagent.exe
FirewallRules: [UDP Query User{55112F08-A8B3-450D-859B-C2101BC02857}C:\users\basti\appdata\roaming\copy\copyagent.exe] => (Allow) C:\users\basti\appdata\roaming\copy\copyagent.exe
FirewallRules: [{FAADA382-3CCE-482C-BAED-4DD9B7955067}] => (Allow) C:\Users\Basti\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [TCP Query User{9A1EB208-4AF9-48D7-B708-0FC6B5D3BA54}C:\users\basti\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\basti\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{E3B22A3E-2034-4AFB-BAFF-135552BBA1B0}C:\users\basti\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\basti\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{FC74C984-655E-4FE7-A1AE-1938135D91B6}C:\users\basti\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\basti\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{EDEABB04-16B6-4431-A38C-0AE666ACA5E1}C:\users\basti\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\basti\appdata\roaming\spotify\spotify.exe
==================== Faulty Device Manager Devices =============
Could not list Devices. Check "winmgmt" service or repair WMI.
==================== Event log errors: =========================
Could not start eventlog service, could not read events.
Systemfehler 123 aufgetreten.
Die Syntax f�r den Dateinamen, Verzeichnisnamen oder die Datentr�gerbezeichnung ist falsch.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU P7450 @ 2.13GHz
Percentage of memory in use: 68%
Total physical RAM: 4025.91 MB
Available physical RAM: 1281.77 MB
Total Virtual: 8050.02 MB
Available Virtual: 5003.93 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:280.49 GB) (Free:93.87 GB) NTFS
Drive d: (CD1) (CDROM) (Total:0.61 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 2A660D9E)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Not Active) - (Size=3.5 GB) - (Type=12)
Partition 3: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=280.5 GB) - (Type=OF Extended)
==================== End of log ============================
|
|
24.07.2015, 12:24
| #3 |
| /// the machine /// TB-Ausbilder    | Windows Update? Aero Design weg - bei mir auch hi,
__________________Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
24.07.2015, 17:50
| #4 |
| | Windows Update? Aero Design weg - bei mir auch Mbar hat nichts gefunden... Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.07.24.05
rootkit: v2015.07.22.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17914
Basti :: BASTI-PC [administrator]
24.07.2015 13:29:28
mbar-log-2015-07-24 (13-29-28).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 368973
Time elapsed: 2 hour(s), 34 minute(s), 7 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 16:11:05.0677 0x15b8 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
16:11:45.0490 0x15b8 ============================================================
16:11:45.0490 0x15b8 Current date / time: 2015/07/24 16:11:45.0490
16:11:45.0490 0x15b8 SystemInfo:
16:11:45.0490 0x15b8
16:11:45.0490 0x15b8 OS Version: 6.1.7601 ServicePack: 1.0
16:11:45.0490 0x15b8 Product type: Workstation
16:11:45.0490 0x15b8 ComputerName: BASTI-PC
16:11:45.0490 0x15b8 UserName: Basti
16:11:45.0490 0x15b8 Windows directory: C:\Windows
16:11:45.0490 0x15b8 System windows directory: C:\Windows
16:11:45.0490 0x15b8 Running under WOW64
16:11:45.0490 0x15b8 Processor architecture: Intel x64
16:11:45.0490 0x15b8 Number of processors: 2
16:11:45.0490 0x15b8 Page size: 0x1000
16:11:45.0490 0x15b8 Boot type: Normal boot
16:11:45.0490 0x15b8 ============================================================
16:11:45.0842 0x15b8 KLMD registered as C:\Windows\system32\drivers\04147019.sys
16:11:46.0825 0x15b8 System UUID: {2D50518B-1DD1-4E5D-562B-F545E8BD4496}
16:11:48.0493 0x15b8 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:11:48.0509 0x15b8 ============================================================
16:11:48.0509 0x15b8 \Device\Harddisk0\DR0:
16:11:48.0509 0x15b8 MBR partitions:
16:11:48.0509 0x15b8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2300800, BlocksNum 0x32000
16:11:48.0540 0x15b8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2333000, BlocksNum 0x230FB000
16:11:48.0540 0x15b8 ============================================================
16:11:48.0587 0x15b8 C: <-> \Device\Harddisk0\DR0\Partition2
16:11:48.0648 0x15b8 ============================================================
16:11:48.0648 0x15b8 Initialize success
16:11:48.0648 0x15b8 ============================================================
16:12:24.0250 0x147c ============================================================
16:12:24.0250 0x147c Scan started
16:12:24.0250 0x147c Mode: Manual; SigCheck; TDLFS;
16:12:24.0250 0x147c ============================================================
16:12:24.0250 0x147c KSN ping started
16:12:26.0824 0x147c KSN ping finished: true
16:12:27.0526 0x147c ================ Scan system memory ========================
16:12:27.0526 0x147c System memory - ok
16:12:27.0526 0x147c ================ Scan services =============================
16:12:28.0056 0x147c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
16:12:28.0533 0x147c 1394ohci - ok
16:12:28.0689 0x147c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:12:28.0720 0x147c ACPI - ok
16:12:28.0783 0x147c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:12:28.0939 0x147c AcpiPmi - ok
16:12:29.0017 0x147c [ D0B11E40EA74A98A5E133DF1F5276240, BAD5885CD8CC271D59DFA95159EFC3AC36D2BA11B6DA593AAED0C45F1C2F280F ] acsock C:\Windows\system32\DRIVERS\acsock64.sys
16:12:29.0126 0x147c acsock - ok
16:12:29.0266 0x147c [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
16:12:29.0298 0x147c Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
16:12:31.0702 0x147c Detect skipped due to KSN trusted
16:12:31.0702 0x147c Adobe LM Service - ok
16:12:31.0874 0x147c [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:12:31.0889 0x147c AdobeARMservice - ok
16:12:32.0186 0x147c [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:12:32.0232 0x147c AdobeFlashPlayerUpdateSvc - ok
16:12:32.0357 0x147c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
16:12:32.0420 0x147c adp94xx - ok
16:12:32.0482 0x147c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
16:12:32.0529 0x147c adpahci - ok
16:12:32.0591 0x147c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
16:12:32.0622 0x147c adpu320 - ok
16:12:32.0685 0x147c [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:12:32.0810 0x147c AeLookupSvc - ok
16:12:32.0981 0x147c [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
16:12:33.0122 0x147c AFD - ok
16:12:33.0200 0x147c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
16:12:33.0246 0x147c agp440 - ok
16:12:33.0293 0x147c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
16:12:33.0449 0x147c ALG - ok
16:12:33.0496 0x147c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
16:12:33.0527 0x147c aliide - ok
16:12:33.0574 0x147c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
16:12:33.0621 0x147c amdide - ok
16:12:33.0668 0x147c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
16:12:33.0761 0x147c AmdK8 - ok
16:12:33.0792 0x147c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
16:12:33.0855 0x147c AmdPPM - ok
16:12:33.0917 0x147c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:12:33.0980 0x147c amdsata - ok
16:12:34.0011 0x147c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
16:12:34.0058 0x147c amdsbs - ok
16:12:34.0089 0x147c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:12:34.0136 0x147c amdxata - ok
16:12:34.0214 0x147c [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
16:12:34.0339 0x147c AppID - ok
16:12:34.0386 0x147c [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:12:34.0449 0x147c AppIDSvc - ok
16:12:34.0527 0x147c [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\Windows\System32\appinfo.dll
16:12:34.0605 0x147c Appinfo - ok
16:12:34.0714 0x147c [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:12:34.0729 0x147c Apple Mobile Device - ok
16:12:34.0776 0x147c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
16:12:34.0823 0x147c arc - ok
16:12:34.0839 0x147c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
16:12:34.0870 0x147c arcsas - ok
16:12:35.0087 0x147c [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:12:35.0134 0x147c aspnet_state - ok
16:12:35.0180 0x147c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:12:35.0368 0x147c AsyncMac - ok
16:12:35.0430 0x147c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
16:12:35.0477 0x147c atapi - ok
16:12:35.0695 0x147c [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:12:35.0804 0x147c AudioEndpointBuilder - ok
16:12:35.0882 0x147c [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:12:35.0914 0x147c AudioSrv - ok
16:12:35.0976 0x147c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:12:36.0142 0x147c AxInstSV - ok
16:12:36.0211 0x147c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
16:12:36.0323 0x147c b06bdrv - ok
16:12:36.0385 0x147c [ 93AF5CCCE5145AA3C2F0A41E7F65149A, CAFC796517F256A51965EE9D615E0E8B5C79CE1E77C48667C3E4C929074D4F01 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:12:36.0416 0x147c b57nd60a - ok
16:12:36.0479 0x147c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
16:12:36.0619 0x147c BDESVC - ok
16:12:36.0650 0x147c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
16:12:36.0731 0x147c Beep - ok
16:12:36.0881 0x147c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
16:12:37.0027 0x147c BFE - ok
16:12:37.0090 0x147c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
16:12:37.0320 0x147c BITS - ok
16:12:37.0351 0x147c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
16:12:37.0418 0x147c blbdrive - ok
16:12:37.0601 0x147c [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:12:37.0632 0x147c Bonjour Service - ok
16:12:37.0669 0x147c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:12:37.0794 0x147c bowser - ok
16:12:37.0841 0x147c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:12:37.0984 0x147c BrFiltLo - ok
16:12:37.0997 0x147c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:12:38.0029 0x147c BrFiltUp - ok
16:12:38.0091 0x147c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
16:12:38.0200 0x147c Browser - ok
16:12:38.0249 0x147c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:12:38.0327 0x147c Brserid - ok
16:12:38.0343 0x147c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:12:38.0390 0x147c BrSerWdm - ok
16:12:38.0405 0x147c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:12:38.0452 0x147c BrUsbMdm - ok
16:12:38.0468 0x147c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:12:38.0498 0x147c BrUsbSer - ok
16:12:38.0523 0x147c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
16:12:38.0568 0x147c BTHMODEM - ok
16:12:38.0620 0x147c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
16:12:38.0687 0x147c bthserv - ok
16:12:38.0750 0x147c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:12:38.0859 0x147c cdfs - ok
16:12:38.0937 0x147c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
16:12:38.0987 0x147c cdrom - ok
16:12:39.0043 0x147c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
16:12:39.0137 0x147c CertPropSvc - ok
16:12:39.0168 0x147c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
16:12:39.0259 0x147c circlass - ok
16:12:39.0355 0x147c [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
16:12:39.0409 0x147c CLFS - ok
16:12:39.0549 0x147c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:12:39.0748 0x147c clr_optimization_v2.0.50727_32 - ok
16:12:39.0873 0x147c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:12:39.0936 0x147c clr_optimization_v2.0.50727_64 - ok
16:12:40.0060 0x147c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:12:40.0092 0x147c clr_optimization_v4.0.30319_32 - ok
16:12:40.0138 0x147c [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:12:40.0216 0x147c clr_optimization_v4.0.30319_64 - ok
16:12:40.0263 0x147c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
16:12:40.0326 0x147c CmBatt - ok
16:12:41.0247 0x147c [ 0F28CFF8610425DF96FBB29794707959, 3FA8D13C29C79FA34A65D9E4502F09817F79DF57AF172FFDE48C147934FBBBCF ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
16:12:41.0497 0x147c cmdAgent - ok
16:12:41.0575 0x147c [ A337FA59FFA4786E4603CC8A440BBB49, 5298238B8894AB2112DCA5872A4C7EF9F8AAEE226D7C2957C840DC38A730D68D ] cmderd C:\Windows\system32\DRIVERS\cmderd.sys
16:12:41.0590 0x147c cmderd - ok
16:12:41.0715 0x147c [ C49B3C7F469C6F1AEAE90653D340B9FA, BBA2107D4817702E2E7F9185D2065EAE35562A4C8CA5A8A7EDF340F4EC700891 ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys
16:12:41.0746 0x147c cmdGuard - ok
16:12:41.0777 0x147c [ 85FD7C0057DEA753A93FDC783119541B, 3AFBD15EFF46DAA2FE315073CA3B885DF0BDA2D5BD8D234609C9BBFD841D119A ] cmdHlp C:\Windows\system32\DRIVERS\cmdhlp.sys
16:12:41.0809 0x147c cmdHlp - ok
16:12:41.0855 0x147c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:12:41.0918 0x147c cmdide - ok
16:12:42.0293 0x147c [ AB6513248071D4EA9736D504AAFD78FE, 02ECD1D8C2637004E3FD1C999CFEA3D6C07269C4F1D5C593DE58DE987554E40A ] cmdvirth C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
16:12:42.0402 0x147c cmdvirth - ok
16:12:42.0558 0x147c [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
16:12:42.0683 0x147c CNG - ok
16:12:42.0746 0x147c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
16:12:42.0761 0x147c Compbatt - ok
16:12:42.0824 0x147c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
16:12:42.0933 0x147c CompositeBus - ok
16:12:42.0948 0x147c COMSysApp - ok
16:12:42.0964 0x147c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
16:12:42.0980 0x147c crcdisk - ok
16:12:43.0058 0x147c [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:12:43.0152 0x147c CryptSvc - ok
16:12:43.0230 0x147c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:12:43.0308 0x147c DcomLaunch - ok
16:12:43.0355 0x147c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
16:12:43.0449 0x147c defragsvc - ok
16:12:43.0527 0x147c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:12:43.0636 0x147c DfsC - ok
16:12:43.0714 0x147c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
16:12:43.0823 0x147c Dhcp - ok
16:12:44.0026 0x147c [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack C:\Windows\system32\diagtrack.dll
16:12:44.0167 0x147c DiagTrack - ok
16:12:44.0230 0x147c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
16:12:44.0323 0x147c discache - ok
16:12:44.0402 0x147c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
16:12:44.0480 0x147c Disk - ok
16:12:44.0652 0x147c [ D5BCB77BE83CF99F508943945D46343D, 00C5624CE970A05075A19168643BF6E8FA60C764333ECEC088D7FFCA10547833 ] DKbFltr C:\Windows\SysWOW64\Drivers\DKbFltr.sys
16:12:44.0683 0x147c DKbFltr - ok
16:12:44.0714 0x147c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:12:44.0823 0x147c Dnscache - ok
16:12:44.0886 0x147c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
16:12:45.0011 0x147c dot3svc - ok
16:12:45.0089 0x147c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
16:12:45.0182 0x147c DPS - ok
16:12:45.0229 0x147c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:12:45.0369 0x147c drmkaud - ok
16:12:45.0447 0x147c [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:12:45.0525 0x147c DXGKrnl - ok
16:12:45.0603 0x147c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
16:12:45.0666 0x147c EapHost - ok
16:12:46.0149 0x147c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
16:12:46.0383 0x147c ebdrv - ok
16:12:46.0446 0x147c [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS C:\Windows\System32\lsass.exe
16:12:46.0555 0x147c EFS - ok
16:12:46.0695 0x147c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:12:46.0851 0x147c ehRecvr - ok
16:12:46.0883 0x147c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
16:12:46.0976 0x147c ehSched - ok
16:12:47.0085 0x147c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
16:12:47.0163 0x147c elxstor - ok
16:12:47.0210 0x147c [ A9EC08727C64D985678F5B64C03823F0, 00F4856BF61068716EE9FDD9020B90AE4489F4DA6C5822F5AA0326CD7610F6A6 ] enecir C:\Windows\system32\DRIVERS\enecir.sys
16:12:47.0320 0x147c enecir - ok
16:12:47.0352 0x147c [ E17EB95358F396E27D573A1B20F891F8, 23D12C2AC2CF7D3441632F1BAF43E9C7554DD9A85F2B08253710DE3C7555B540 ] enecirhid C:\Windows\system32\DRIVERS\enecirhid.sys
16:12:47.0414 0x147c enecirhid - ok
16:12:47.0445 0x147c [ 8492D808C79BD6FE439F77BE84956CDF, 8B2D14C5A7FFA72144E1113B4DDAD7F1258F707442EDE0E4EF3CBB72886EFE8E ] enecirhidma C:\Windows\system32\DRIVERS\enecirhidma.sys
16:12:47.0492 0x147c enecirhidma - ok
16:12:47.0757 0x147c [ FEB08A605613DBAC49A12F8711882201, F94F1859B01CC043B0B102DD319D956E54AADA6FABD7A722F43A124073A62040 ] ePowerSvc C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
16:12:47.0788 0x147c ePowerSvc - ok
16:12:47.0860 0x147c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:12:47.0950 0x147c ErrDev - ok
16:12:48.0031 0x147c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
16:12:48.0095 0x147c EventSystem - ok
16:12:48.0158 0x147c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
16:12:48.0279 0x147c exfat - ok
16:12:48.0327 0x147c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:12:48.0421 0x147c fastfat - ok
16:12:48.0605 0x147c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
16:12:48.0741 0x147c Fax - ok
16:12:48.0763 0x147c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:12:48.0844 0x147c fdc - ok
16:12:48.0879 0x147c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
16:12:48.0957 0x147c fdPHost - ok
16:12:48.0988 0x147c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
16:12:49.0074 0x147c FDResPub - ok
16:12:49.0096 0x147c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:12:49.0143 0x147c FileInfo - ok
16:12:49.0159 0x147c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:12:49.0284 0x147c Filetrace - ok
16:12:49.0315 0x147c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:12:49.0385 0x147c flpydisk - ok
16:12:49.0506 0x147c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:12:49.0537 0x147c FltMgr - ok
16:12:49.0651 0x147c [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll
16:12:49.0820 0x147c FontCache - ok
16:12:49.0946 0x147c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:12:50.0153 0x147c FontCache3.0.0.0 - ok
16:12:50.0214 0x147c [ 305380D5D33BFDEAAF14D73E969239FC, 5863AF0FAF51F3FCDEB1FB2CE4A67FF4A574F06C1E02B627638DC0C810E24DA6 ] FPSensor C:\Windows\system32\Drivers\FPSensor.sys
16:12:50.0252 0x147c FPSensor - ok
16:12:50.0286 0x147c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:12:50.0338 0x147c FsDepends - ok
16:12:50.0390 0x147c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:12:50.0427 0x147c Fs_Rec - ok
16:12:50.0469 0x147c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:12:50.0516 0x147c fvevol - ok
16:12:50.0568 0x147c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
16:12:50.0630 0x147c gagp30kx - ok
16:12:50.0711 0x147c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:12:50.0737 0x147c GEARAspiWDM - ok
16:12:50.0881 0x147c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
16:12:50.0980 0x147c gpsvc - ok
16:12:51.0125 0x147c [ 816FD5A6F3C2F3D600900096632FC60E, D92401C4B56663F8A12B6390562608A125713408B00266C53844129679E48E9C ] Greg_Service C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
16:12:51.0170 0x147c Greg_Service - ok
16:12:51.0310 0x147c [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:12:51.0341 0x147c gupdate - ok
16:12:51.0372 0x147c [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:12:51.0388 0x147c gupdatem - ok
16:12:51.0421 0x147c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:12:51.0563 0x147c hcw85cir - ok
16:12:51.0709 0x147c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:12:51.0826 0x147c HdAudAddService - ok
16:12:51.0860 0x147c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
16:12:51.0928 0x147c HDAudBus - ok
16:12:51.0991 0x147c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
16:12:52.0053 0x147c HidBatt - ok
16:12:52.0115 0x147c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
16:12:52.0196 0x147c HidBth - ok
16:12:52.0230 0x147c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
16:12:52.0308 0x147c HidIr - ok
16:12:52.0339 0x147c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
16:12:52.0401 0x147c hidserv - ok
16:12:52.0474 0x147c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:12:52.0583 0x147c HidUsb - ok
16:12:52.0645 0x147c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:12:52.0695 0x147c hkmsvc - ok
16:12:52.0773 0x147c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:12:52.0882 0x147c HomeGroupListener - ok
16:12:52.0946 0x147c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:12:52.0992 0x147c HomeGroupProvider - ok
16:12:53.0039 0x147c [ DBD2BB97A574FC565B1EB5C0A03F917A, 3946F8F95C3A7371E168BC82F068E7F830A07FD545A16F47336902E174E0370A ] HPFXBULK C:\Windows\system32\drivers\hpfx64bulk.sys
16:12:53.0086 0x147c HPFXBULK - ok
16:12:53.0133 0x147c [ 219C2A07FD07023D3905C332BF6F9BA8, D1648BB751909470D307A915F07B4F54282B94E159378CC7118D6F32478020E9 ] HPFXFAX C:\Windows\system32\drivers\hpfx64fax.sys
16:12:53.0164 0x147c HPFXFAX - ok
16:12:53.0215 0x147c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:12:53.0277 0x147c HpSAMD - ok
16:12:53.0717 0x147c [ D4F91CF4DE215D6F14A06087D46725E4, 656E78AB0CD5B3DA396F937CF05863F80C9E430EDED6F68A88F39604A052921B ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
16:12:53.0779 0x147c HPSLPSVC - ok
16:12:53.0935 0x147c [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:12:54.0060 0x147c HTTP - ok
16:12:54.0122 0x147c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:12:54.0185 0x147c hwpolicy - ok
16:12:54.0248 0x147c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
16:12:54.0295 0x147c i8042prt - ok
16:12:54.0437 0x147c [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
16:12:54.0469 0x147c IAANTMON - ok
16:12:54.0631 0x147c [ 1D004CB1DA6323B1F55CAEF7F94B61D9, 8FFFB429BA46938724BBB87AB9B3EC77EA17C4B893BABDBDD38309F02963D405 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
16:12:54.0662 0x147c iaStor - ok
16:12:54.0766 0x147c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:12:54.0860 0x147c iaStorV - ok
16:12:54.0938 0x147c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:12:55.0000 0x147c idsvc - ok
16:12:55.0047 0x147c IEEtwCollectorService - ok
16:12:55.0275 0x147c [ 607013AF90E9107664F7204613DB5631, 6761E3385D6ED681533DC5FE57923C2876128F098B0364D958891CED12AC6E90 ] IGBASVC C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
16:12:55.0471 0x147c IGBASVC - detected UnsignedFile.Multi.Generic ( 1 )
16:12:57.0844 0x147c Detect skipped due to KSN trusted
16:12:57.0844 0x147c IGBASVC - ok
16:12:58.0216 0x147c [ 0FD8F9B3875813F7F6467C74C5BE270A, BB938BDBF9A34920A2D46DF7E21980E2FCD81613D68A2835FBDE3C9076AFB262 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
16:12:58.0547 0x147c igfx - ok
16:12:58.0594 0x147c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
16:12:58.0641 0x147c iirsp - ok
16:12:58.0791 0x147c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
16:12:58.0838 0x147c IKEEXT - ok
16:12:58.0869 0x147c [ 6BC36E24396DB59AF5BF6F872F298435, BF6FCA894219840FDFF4655D2E1551B89CD39F731A339FD0C052E0F7733CF9D3 ] inspect C:\Windows\system32\DRIVERS\inspect.sys
16:12:58.0900 0x147c inspect - ok
16:12:59.0049 0x147c [ 430AAB6C09AF99D5BEB311795349E9DD, 5B4502BB9202B2DC59731BC4777755D770C380840B266C351940905DDB3E42BA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:12:59.0182 0x147c IntcAzAudAddService - ok
16:12:59.0229 0x147c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
16:12:59.0260 0x147c intelide - ok
16:12:59.0276 0x147c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:12:59.0338 0x147c intelppm - ok
16:12:59.0371 0x147c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:12:59.0449 0x147c IPBusEnum - ok
16:12:59.0545 0x147c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:12:59.0676 0x147c IpFilterDriver - ok
16:12:59.0825 0x147c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:12:59.0986 0x147c iphlpsvc - ok
16:13:00.0017 0x147c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:13:00.0111 0x147c IPMIDRV - ok
16:13:00.0158 0x147c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:13:00.0252 0x147c IPNAT - ok
16:13:00.0377 0x147c [ 6660920D05A32DF2DC1260CEF0B6D172, 2C4361B59CD9F41519FDF14EC69F2E37E1B0635ACA476E4BEF2152C925E35F9F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:13:00.0403 0x147c iPod Service - ok
16:13:00.0434 0x147c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:13:00.0559 0x147c IRENUM - ok
16:13:00.0615 0x147c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:13:00.0662 0x147c isapnp - ok
16:13:00.0740 0x147c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:13:00.0772 0x147c iScsiPrt - ok
16:13:00.0819 0x147c [ DB917B998CBC15A153C00DD6EFC34C13, 5FF4DA2C2D567AAD435730EA910016F2E9DE8BDF0A414A477B72248D16A47115 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
16:13:00.0844 0x147c JMCR - ok
16:13:00.0891 0x147c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:13:00.0937 0x147c kbdclass - ok
16:13:01.0015 0x147c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:13:01.0088 0x147c kbdhid - ok
16:13:01.0103 0x147c [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso C:\Windows\system32\lsass.exe
16:13:01.0150 0x147c KeyIso - ok
16:13:01.0181 0x147c [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:13:01.0244 0x147c KSecDD - ok
16:13:01.0285 0x147c [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:13:01.0316 0x147c KSecPkg - ok
16:13:01.0363 0x147c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:13:01.0472 0x147c ksthunk - ok
16:13:01.0519 0x147c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
16:13:01.0613 0x147c KtmRm - ok
16:13:01.0715 0x147c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:13:01.0793 0x147c LanmanServer - ok
16:13:01.0856 0x147c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:13:01.0950 0x147c LanmanWorkstation - ok
16:13:01.0981 0x147c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:13:02.0059 0x147c lltdio - ok
16:13:02.0108 0x147c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:13:02.0179 0x147c lltdsvc - ok
16:13:02.0226 0x147c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:13:02.0304 0x147c lmhosts - ok
16:13:02.0353 0x147c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
16:13:02.0416 0x147c LSI_FC - ok
16:13:02.0461 0x147c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
16:13:02.0480 0x147c LSI_SAS - ok
16:13:02.0480 0x147c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:13:02.0511 0x147c LSI_SAS2 - ok
16:13:02.0539 0x147c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:13:02.0580 0x147c LSI_SCSI - ok
16:13:02.0626 0x147c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
16:13:02.0716 0x147c luafv - ok
16:13:02.0893 0x147c [ 034606B82FA5BD3E73AB427B6D55F915, F24AA57D46F3AD5FBBE29CE9E2D8798FA1FC98A9004E10EEED3D651F52A6143B ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe
16:13:02.0926 0x147c McComponentHostService - ok
16:13:03.0027 0x147c [ 79D51E7F5926E8CE1B3EBECEBAE28CFF, 2722E217AF11F928E58F694E5C1CC5776283A56C54E7F84401FECFBD73E91EBA ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys
16:13:03.0058 0x147c mcdbus - ok
16:13:03.0107 0x147c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:13:03.0154 0x147c Mcx2Svc - ok
16:13:03.0196 0x147c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
16:13:03.0226 0x147c megasas - ok
16:13:03.0275 0x147c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
16:13:03.0330 0x147c MegaSR - ok
16:13:03.0434 0x147c [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
16:13:03.0446 0x147c Microsoft Office Groove Audit Service - ok
16:13:03.0477 0x147c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
16:13:03.0561 0x147c MMCSS - ok
16:13:03.0587 0x147c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
16:13:03.0650 0x147c Modem - ok
16:13:03.0697 0x147c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:13:03.0744 0x147c monitor - ok
16:13:03.0829 0x147c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:13:03.0885 0x147c mouclass - ok
16:13:03.0920 0x147c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:13:03.0944 0x147c mouhid - ok
16:13:03.0980 0x147c [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:13:04.0034 0x147c mountmgr - ok
16:13:04.0129 0x147c [ D1CB0BC1CBA61639FE7162C5476A22C0, 80469683BD18CE0B6E9D9BD3613A63896F3D50A783EFDC15CEA28560C151C6B9 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:13:04.0144 0x147c MozillaMaintenance - ok
16:13:04.0193 0x147c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
16:13:04.0259 0x147c mpio - ok
16:13:04.0292 0x147c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:13:04.0367 0x147c mpsdrv - ok
16:13:04.0508 0x147c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:13:04.0620 0x147c MpsSvc - ok
16:13:04.0657 0x147c [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:13:04.0745 0x147c MRxDAV - ok
16:13:04.0797 0x147c [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:13:04.0892 0x147c mrxsmb - ok
16:13:04.0924 0x147c [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:13:04.0969 0x147c mrxsmb10 - ok
16:13:05.0011 0x147c [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:13:05.0050 0x147c mrxsmb20 - ok
16:13:05.0094 0x147c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
16:13:05.0144 0x147c msahci - ok
16:13:05.0213 0x147c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:13:05.0260 0x147c msdsm - ok
16:13:05.0307 0x147c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
16:13:05.0354 0x147c MSDTC - ok
16:13:05.0385 0x147c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:13:05.0473 0x147c Msfs - ok
16:13:05.0516 0x147c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:13:05.0629 0x147c mshidkmdf - ok
16:13:05.0665 0x147c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:13:05.0691 0x147c msisadrv - ok
16:13:05.0728 0x147c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:13:05.0827 0x147c MSiSCSI - ok
16:13:05.0831 0x147c msiserver - ok
16:13:05.0861 0x147c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:13:05.0923 0x147c MSKSSRV - ok
16:13:05.0939 0x147c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:13:06.0034 0x147c MSPCLOCK - ok
16:13:06.0065 0x147c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:13:06.0143 0x147c MSPQM - ok
16:13:06.0191 0x147c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:13:06.0222 0x147c MsRPC - ok
16:13:06.0269 0x147c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:13:06.0284 0x147c mssmbios - ok
16:13:06.0316 0x147c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:13:06.0380 0x147c MSTEE - ok
16:13:06.0411 0x147c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:13:06.0474 0x147c MTConfig - ok
16:13:06.0505 0x147c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
16:13:06.0520 0x147c Mup - ok
16:13:06.0567 0x147c [ 6FFECC25B39DC7652A0CEC0ADA9DB589, 927EF066CBBA8353149F8C3B7C4299AC06FED439DA874D25CFB583E5912611A2 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
16:13:06.0583 0x147c mwlPSDFilter - ok
16:13:06.0598 0x147c [ 0BEFE32CA56D6EE89D58175725596A85, E36B9E6159AF7F67D549F7178896CCCB8FC3964531B1DA20CBDD465E632D8FCF ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
16:13:06.0617 0x147c mwlPSDNServ - ok
16:13:06.0633 0x147c [ D43BC633B8660463E446E28E14A51262, C55F235B5E08FAC6D70B0FAC737D714E318A93F8E43FF8095B86A76559AF211D ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
16:13:06.0664 0x147c mwlPSDVDisk - ok
16:13:06.0742 0x147c [ 2F139207F618EC2933830227EEFFDDB4, 2942452EC631BF11CCCDA397C756CBBC0337F58B215A3F02DA263818CB3BE9A9 ] MWLService C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
16:13:06.0773 0x147c MWLService - ok
16:13:06.0979 0x147c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
16:13:07.0026 0x147c napagent - ok
16:13:07.0104 0x147c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:13:07.0182 0x147c NativeWifiP - ok
16:13:07.0549 0x147c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
16:13:07.0581 0x147c NDIS - ok
16:13:07.0627 0x147c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:13:07.0731 0x147c NdisCap - ok
16:13:07.0778 0x147c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:13:07.0871 0x147c NdisTapi - ok
16:13:07.0905 0x147c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:13:07.0983 0x147c Ndisuio - ok
16:13:08.0061 0x147c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:13:08.0163 0x147c NdisWan - ok
16:13:08.0245 0x147c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:13:08.0339 0x147c NDProxy - ok
16:13:08.0417 0x147c [ DC6530A291D4BDF6DF399F1F128E7F8F, 85123D802063383646EEBC60F4ABBCDBA2AE3180E99A8A99C024B1EBB0C6690E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:13:08.0466 0x147c Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
16:13:10.0862 0x147c Detect skipped due to KSN trusted
16:13:10.0862 0x147c Net Driver HPZ12 - ok
16:13:10.0901 0x147c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:13:11.0226 0x147c NetBIOS - ok
16:13:11.0314 0x147c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:13:11.0644 0x147c NetBT - ok
16:13:11.0670 0x147c [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon C:\Windows\system32\lsass.exe
16:13:11.0712 0x147c Netlogon - ok
16:13:11.0777 0x147c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
16:13:11.0869 0x147c Netman - ok
16:13:11.0984 0x147c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:13:12.0056 0x147c NetMsmqActivator - ok
16:13:12.0068 0x147c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:13:12.0093 0x147c NetPipeActivator - ok
16:13:12.0183 0x147c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
16:13:12.0289 0x147c netprofm - ok
16:13:12.0339 0x147c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:13:12.0363 0x147c NetTcpActivator - ok
16:13:12.0374 0x147c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:13:12.0398 0x147c NetTcpPortSharing - ok
16:13:13.0085 0x147c [ 4D85A450EDEF10C38882182753A49AAE, FB6C2D91B2CF834315498BB31F931E2A49066A3158A588FD705F59628DF2F8FC ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
16:13:13.0498 0x147c NETw5s64 - ok
16:13:13.0827 0x147c [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
16:13:14.0171 0x147c netw5v64 - ok
16:13:14.0226 0x147c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:13:14.0269 0x147c nfrd960 - ok
16:13:14.0354 0x147c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
16:13:14.0489 0x147c NlaSvc - ok
16:13:14.0513 0x147c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:13:14.0595 0x147c Npfs - ok
16:13:14.0681 0x147c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
16:13:14.0733 0x147c nsi - ok
16:13:14.0760 0x147c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:13:14.0839 0x147c nsiproxy - ok
16:13:15.0088 0x147c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:13:15.0192 0x147c Ntfs - ok
16:13:15.0235 0x147c [ F9B8245BEFA165E1311AF101387BDF5D, BF497BBAF82864AEB8E741DC666C934A02BEE4EC8E956BAE92891B88DFA58261 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
16:13:15.0255 0x147c NTI IScheduleSvc - ok
16:13:15.0285 0x147c [ FD324CCE1D4D5BB5AF65F8E55B462C7E, 901287499F33EFD3B1EE6CBDAD4E4DD342DC62FCDCCEF5375CB9D7B0673EE1E6 ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
16:13:15.0302 0x147c NTIBackupSvc - ok
16:13:15.0342 0x147c [ 64DDD0DEE976302F4BD93E5EFCC2F013, 19F54B4549999EF96FAE1B2B97973F281304843ADE0CF5823574453AB41E3E9C ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
16:13:15.0396 0x147c NTIDrvr - ok
16:13:15.0450 0x147c [ 3F6268A2EC33CD38CF75C880AF8DED42, 6CA4A527878042C3BB40A7C0F4F9434827C7E60F989EB7C39BBAD0F270404EEE ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
16:13:15.0484 0x147c NTISchedulerSvc - ok
16:13:15.0512 0x147c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
16:13:15.0612 0x147c Null - ok
16:13:15.0691 0x147c [ CB599955CE2CE9694721562F9481CD84, DC8B802396E9D0F11D1855A622E7438711C029D3B76550A953A44CEB8A7E468F ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
16:13:15.0713 0x147c NVHDA - ok
16:13:16.0624 0x147c [ EF2483EC699C3BBC73A1031B4CED49C5, 36A32A1D0EFF34137D993F418EF22CE117CD3023682B16F426C40722057A97DE ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:13:17.0284 0x147c nvlddmkm - ok
16:13:17.0402 0x147c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:13:17.0459 0x147c nvraid - ok
16:13:17.0498 0x147c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:13:17.0569 0x147c nvstor - ok
16:13:17.0630 0x147c [ A7F752D5F51CB36432767168F328C9CE, 969A02EAA9DD290B2D82D1906E2A0003C71C5519FD6C88EDBBF47150C046F2C1 ] nvsvc C:\Windows\system32\nvvsvc.exe
16:13:17.0660 0x147c nvsvc - ok
16:13:17.0721 0x147c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:13:17.0774 0x147c nv_agp - ok
16:13:17.0987 0x147c [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:13:18.0020 0x147c odserv - ok
16:13:18.0079 0x147c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:13:18.0136 0x147c ohci1394 - ok
16:13:18.0255 0x147c [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:13:18.0275 0x147c ose - ok
16:13:18.0352 0x147c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:13:18.0458 0x147c p2pimsvc - ok
16:13:18.0488 0x147c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
16:13:18.0598 0x147c p2psvc - ok
16:13:18.0637 0x147c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:13:18.0673 0x147c Parport - ok
16:13:18.0751 0x147c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:13:18.0776 0x147c partmgr - ok
16:13:18.0840 0x147c [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:13:18.0942 0x147c PcaSvc - ok
16:13:18.0973 0x147c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
16:13:19.0060 0x147c pci - ok
16:13:19.0094 0x147c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
16:13:19.0141 0x147c pciide - ok
16:13:19.0174 0x147c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:13:19.0227 0x147c pcmcia - ok
16:13:19.0243 0x147c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
16:13:19.0308 0x147c pcw - ok
16:13:19.0418 0x147c [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:13:19.0496 0x147c PEAUTH - ok
16:13:19.0605 0x147c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:13:19.0824 0x147c PerfHost - ok
16:13:20.0073 0x147c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
16:13:20.0245 0x147c pla - ok
16:13:20.0401 0x147c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:13:20.0510 0x147c PlugPlay - ok
16:13:20.0573 0x147c [ 71F62C51DFDFBC04C83C5C64B2B8058E, CAB12E6D27BE421BD5A3CB04066EA50303A3210332ECC4B5C03B5F19735FC857 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:13:20.0619 0x147c Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
16:13:23.0014 0x147c Detect skipped due to KSN trusted
16:13:23.0014 0x147c Pml Driver HPZ12 - ok
16:13:23.0048 0x147c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:13:23.0134 0x147c PNRPAutoReg - ok
16:13:23.0163 0x147c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:13:23.0209 0x147c PNRPsvc - ok
16:13:23.0369 0x147c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:13:23.0494 0x147c PolicyAgent - ok
16:13:23.0550 0x147c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
16:13:23.0628 0x147c Power - ok
16:13:23.0700 0x147c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:13:23.0960 0x147c PptpMiniport - ok
16:13:24.0035 0x147c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
16:13:24.0148 0x147c Processor - ok
16:13:24.0227 0x147c [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
16:13:24.0310 0x147c ProfSvc - ok
16:13:24.0341 0x147c [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\Windows\system32\lsass.exe
16:13:24.0379 0x147c ProtectedStorage - ok
16:13:24.0503 0x147c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:13:24.0579 0x147c Psched - ok
16:13:24.0848 0x147c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
16:13:24.0951 0x147c ql2300 - ok
16:13:24.0978 0x147c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
16:13:25.0025 0x147c ql40xx - ok
16:13:25.0072 0x147c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
16:13:25.0134 0x147c QWAVE - ok
16:13:25.0169 0x147c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:13:25.0278 0x147c QWAVEdrv - ok
16:13:25.0318 0x147c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:13:25.0389 0x147c RasAcd - ok
16:13:25.0476 0x147c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:13:25.0610 0x147c RasAgileVpn - ok
16:13:25.0672 0x147c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
16:13:25.0762 0x147c RasAuto - ok
16:13:25.0856 0x147c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:13:25.0981 0x147c Rasl2tp - ok
16:13:26.0076 0x147c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
16:13:26.0173 0x147c RasMan - ok
16:13:26.0288 0x147c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:13:26.0393 0x147c RasPppoe - ok
16:13:26.0440 0x147c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:13:26.0555 0x147c RasSstp - ok
16:13:26.0649 0x147c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:13:26.0816 0x147c rdbss - ok
16:13:26.0858 0x147c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:13:26.0922 0x147c rdpbus - ok
16:13:26.0954 0x147c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:13:27.0063 0x147c RDPCDD - ok
16:13:27.0129 0x147c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:13:27.0224 0x147c RDPENCDD - ok
16:13:27.0256 0x147c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:13:27.0335 0x147c RDPREFMP - ok
16:13:27.0382 0x147c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:13:27.0507 0x147c RDPWD - ok
16:13:27.0554 0x147c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:13:27.0726 0x147c rdyboost - ok
16:13:27.0776 0x147c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:13:27.0903 0x147c RemoteAccess - ok
16:13:27.0998 0x147c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:13:28.0109 0x147c RemoteRegistry - ok
16:13:28.0171 0x147c [ 7B04C9843921AB1F695FB395422C5360, C9B02BE0384357FD242613C2A12029B45322AF9A795CD69F33500CA7530899A7 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
16:13:28.0296 0x147c RimUsb - ok
16:13:28.0378 0x147c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:13:28.0486 0x147c RpcEptMapper - ok
16:13:28.0526 0x147c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
16:13:28.0573 0x147c RpcLocator - ok
16:13:28.0666 0x147c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
16:13:28.0713 0x147c RpcSs - ok
16:13:28.0760 0x147c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:13:28.0824 0x147c rspndr - ok
16:13:28.0902 0x147c [ B5A4B7D779CF4070DF408DE18BD33B02, 45D68D32AE10DB0D76F3455DF84ACD2289485C38FC411B71C2DD3E0FB9923473 ] RS_Service C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
16:13:28.0934 0x147c RS_Service - detected UnsignedFile.Multi.Generic ( 1 )
16:13:31.0326 0x147c Detect skipped due to KSN trusted
16:13:31.0326 0x147c RS_Service - ok
16:13:31.0361 0x147c [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] SamSs C:\Windows\system32\lsass.exe
16:13:31.0382 0x147c SamSs - ok
16:13:31.0430 0x147c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:13:31.0568 0x147c sbp2port - ok
16:13:31.0692 0x147c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:13:31.0769 0x147c SCardSvr - ok
16:13:31.0854 0x147c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:13:31.0973 0x147c scfilter - ok
16:13:32.0156 0x147c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
16:13:32.0293 0x147c Schedule - ok
16:13:32.0371 0x147c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
16:13:32.0421 0x147c SCPolicySvc - ok
16:13:32.0517 0x147c [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\drivers\sdbus.sys
16:13:32.0548 0x147c sdbus - ok
16:13:32.0626 0x147c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:13:32.0743 0x147c SDRSVC - ok
16:13:32.0805 0x147c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:13:32.0899 0x147c secdrv - ok
16:13:32.0969 0x147c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
16:13:33.0078 0x147c seclogon - ok
16:13:33.0152 0x147c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
16:13:33.0227 0x147c SENS - ok
16:13:33.0274 0x147c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:13:33.0401 0x147c SensrSvc - ok
16:13:33.0447 0x147c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:13:33.0525 0x147c Serenum - ok
16:13:33.0572 0x147c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:13:33.0635 0x147c Serial - ok
16:13:33.0699 0x147c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
16:13:33.0777 0x147c sermouse - ok
16:13:33.0886 0x147c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
16:13:33.0972 0x147c SessionEnv - ok
16:13:34.0003 0x147c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:13:34.0113 0x147c sffdisk - ok
16:13:34.0181 0x147c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:13:34.0243 0x147c sffp_mmc - ok
16:13:34.0259 0x147c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:13:34.0337 0x147c sffp_sd - ok
16:13:34.0416 0x147c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
16:13:34.0512 0x147c sfloppy - ok
16:13:34.0605 0x147c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:13:34.0692 0x147c SharedAccess - ok
16:13:34.0792 0x147c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:13:34.0855 0x147c ShellHWDetection - ok
16:13:34.0886 0x147c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:13:34.0989 0x147c SiSRaid2 - ok
16:13:35.0020 0x147c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
16:13:35.0098 0x147c SiSRaid4 - ok
16:13:35.0373 0x147c [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:13:35.0398 0x147c SkypeUpdate - ok
16:13:35.0476 0x147c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:13:35.0585 0x147c Smb - ok
16:13:35.0689 0x147c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:13:35.0751 0x147c SNMPTRAP - ok
16:13:35.0798 0x147c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
16:13:35.0814 0x147c spldr - ok
16:13:35.0955 0x147c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
16:13:36.0090 0x147c Spooler - ok
16:13:36.0579 0x147c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
16:13:36.0835 0x147c sppsvc - ok
16:13:36.0913 0x147c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:13:37.0055 0x147c sppuinotify - ok
16:13:37.0165 0x147c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
16:13:37.0431 0x147c srv - ok
16:13:37.0525 0x147c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:13:37.0739 0x147c srv2 - ok
16:13:37.0835 0x147c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:13:37.0983 0x147c srvnet - ok
16:13:38.0061 0x147c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:13:38.0172 0x147c SSDPSRV - ok
16:13:38.0235 0x147c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:13:38.0298 0x147c SstpSvc - ok
16:13:38.0361 0x147c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
16:13:38.0470 0x147c stexstor - ok
16:13:38.0724 0x147c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
16:13:38.0880 0x147c stisvc - ok
16:13:38.0992 0x147c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
16:13:39.0101 0x147c swenum - ok
16:13:39.0305 0x147c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
16:13:39.0507 0x147c swprv - ok
16:13:39.0627 0x147c [ BCF305959B53B200CEB2AD25AD22F8A7, 74F71313A87C1FDDE2B373EA8D30346D47669CAA7CCE83AB6F8452C268F65787 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
16:13:39.0690 0x147c SynTP - ok
16:13:39.0958 0x147c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
16:13:40.0114 0x147c SysMain - ok
16:13:40.0178 0x147c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:13:40.0667 0x147c TabletInputService - ok
16:13:40.0752 0x147c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
16:13:41.0047 0x147c TapiSrv - ok
16:13:41.0079 0x147c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
16:13:41.0188 0x147c TBS - ok
16:13:41.0485 0x147c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:13:41.0615 0x147c Tcpip - ok
16:13:41.0989 0x147c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:13:42.0052 0x147c TCPIP6 - ok
16:13:42.0194 0x147c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:13:42.0273 0x147c tcpipreg - ok
16:13:42.0352 0x147c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:13:42.0558 0x147c TDPIPE - ok
16:13:42.0633 0x147c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:13:42.0664 0x147c TDTCP - ok
16:13:42.0775 0x147c [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:13:42.0981 0x147c tdx - ok
16:13:43.0060 0x147c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
16:13:43.0122 0x147c TermDD - ok
16:13:43.0258 0x147c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
16:13:43.0367 0x147c TermService - ok
16:13:43.0430 0x147c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
16:13:43.0463 0x147c Themes - ok
16:13:43.0510 0x147c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
16:13:43.0557 0x147c THREADORDER - ok
16:13:43.0635 0x147c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
16:13:43.0728 0x147c TrkWks - ok
16:13:43.0853 0x147c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:13:43.0947 0x147c TrustedInstaller - ok
16:13:44.0042 0x147c [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:13:44.0089 0x147c tssecsrv - ok
16:13:44.0188 0x147c [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:13:44.0283 0x147c TsUsbFlt - ok
16:13:44.0411 0x147c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:13:44.0536 0x147c tunnel - ok
16:13:44.0567 0x147c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
16:13:44.0632 0x147c uagp35 - ok
16:13:44.0679 0x147c [ 2E22C1FD397A5A9FFEF55E9D1FC96C00, 4646712B3F3AF6188DBCE1A95D92261E8B15E9583FE5DD538EC884F48B51759D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
16:13:44.0726 0x147c UBHelper - ok
16:13:44.0804 0x147c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:13:44.0978 0x147c udfs - ok
16:13:45.0040 0x147c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:13:45.0150 0x147c UI0Detect - ok
16:13:45.0181 0x147c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:13:45.0212 0x147c uliagpkx - ok
16:13:45.0321 0x147c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:13:45.0415 0x147c umbus - ok
16:13:45.0495 0x147c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
16:13:45.0574 0x147c UmPass - ok
16:13:45.0710 0x147c [ 70DDE3A86DBEB1D6C3C30AD687B1877A, 2DAE797240DB8F521F1C9D1171524790052E186B060D58A1B102FBFFC80CE48E ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
16:13:45.0725 0x147c Updater Service - ok
16:13:45.0805 0x147c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
16:13:45.0947 0x147c upnphost - ok
16:13:46.0042 0x147c [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
16:13:46.0151 0x147c USBAAPL64 - ok
16:13:46.0198 0x147c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:13:46.0433 0x147c usbccgp - ok
16:13:46.0496 0x147c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:13:46.0615 0x147c usbcir - ok
16:13:46.0677 0x147c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:13:46.0759 0x147c usbehci - ok
16:13:46.0837 0x147c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:13:46.0931 0x147c usbhub - ok
16:13:46.0978 0x147c [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:13:47.0071 0x147c usbohci - ok
16:13:47.0118 0x147c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:13:47.0250 0x147c usbprint - ok
16:13:47.0326 0x147c [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
16:13:47.0438 0x147c usbscan - ok
16:13:47.0516 0x147c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:13:47.0642 0x147c USBSTOR - ok
16:13:47.0720 0x147c [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
16:13:47.0822 0x147c usbuhci - ok
16:13:47.0931 0x147c [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
16:13:48.0056 0x147c usbvideo - ok
16:13:48.0087 0x147c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
16:13:48.0168 0x147c UxSms - ok
16:13:48.0269 0x147c [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc C:\Windows\system32\lsass.exe
16:13:48.0285 0x147c VaultSvc - ok
16:13:48.0347 0x147c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:13:48.0380 0x147c vdrvroot - ok
16:13:48.0484 0x147c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
16:13:48.0578 0x147c vds - ok
16:13:48.0679 0x147c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:13:48.0711 0x147c vga - ok
16:13:48.0742 0x147c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
16:13:48.0836 0x147c VgaSave - ok
16:13:48.0914 0x147c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:13:49.0036 0x147c vhdmp - ok
16:13:49.0131 0x147c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
16:13:49.0222 0x147c viaide - ok
16:13:49.0264 0x147c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:13:49.0309 0x147c volmgr - ok
16:13:49.0429 0x147c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:13:49.0540 0x147c volmgrx - ok
16:13:49.0669 0x147c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:13:49.0772 0x147c volsnap - ok
16:13:49.0947 0x147c [ B9B364EAD1438DD80A820D214E821D28, FF93A9289961378CA89D708519CB27D9ABB27D8556985AB4A40DEEFE86F1FBE0 ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
16:13:49.0982 0x147c vpnagent - ok
16:13:50.0092 0x147c [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva C:\Windows\system32\DRIVERS\vpnva64-6.sys
16:13:50.0155 0x147c vpnva - ok
16:13:50.0210 0x147c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
16:13:50.0279 0x147c vsmraid - ok
16:13:50.0518 0x147c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
16:13:50.0721 0x147c VSS - ok
16:13:50.0766 0x147c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:13:50.0856 0x147c vwifibus - ok
16:13:50.0912 0x147c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:13:51.0036 0x147c vwififlt - ok
16:13:51.0116 0x147c [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
16:13:51.0163 0x147c vwifimp - ok
16:13:51.0258 0x147c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
16:13:51.0323 0x147c W32Time - ok
16:13:51.0369 0x147c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
16:13:51.0447 0x147c WacomPen - ok
16:13:51.0557 0x147c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:13:51.0713 0x147c WANARP - ok
16:13:51.0791 0x147c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:13:51.0853 0x147c Wanarpv6 - ok
16:13:52.0284 0x147c [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
16:13:52.0486 0x147c WatAdminSvc - ok
16:13:52.0888 0x147c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
16:13:53.0131 0x147c wbengine - ok
16:13:53.0266 0x147c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:13:53.0440 0x147c WbioSrvc - ok
16:13:53.0549 0x147c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:13:53.0705 0x147c wcncsvc - ok
16:13:53.0752 0x147c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:13:53.0861 0x147c WcsPlugInService - ok
16:13:53.0924 0x147c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
16:13:53.0988 0x147c Wd - ok
16:13:54.0128 0x147c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:13:54.0207 0x147c Wdf01000 - ok
16:13:54.0272 0x147c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:13:54.0844 0x147c WdiServiceHost - ok
16:13:54.0876 0x147c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:13:54.0907 0x147c WdiSystemHost - ok
16:13:55.0019 0x147c [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
16:13:55.0169 0x147c WebClient - ok
16:13:55.0241 0x147c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:13:55.0335 0x147c Wecsvc - ok
16:13:55.0366 0x147c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:13:55.0444 0x147c wercplsupport - ok
16:13:55.0555 0x147c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
16:13:55.0618 0x147c WerSvc - ok
16:13:55.0727 0x147c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:13:55.0805 0x147c WfpLwf - ok
16:13:55.0836 0x147c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:13:55.0883 0x147c WIMMount - ok
16:13:55.0945 0x147c WinDefend - ok
16:13:55.0976 0x147c WinHttpAutoProxySvc - ok
16:13:56.0172 0x147c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:13:56.0281 0x147c Winmgmt - ok
16:13:56.0517 0x147c [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
16:13:56.0814 0x147c WinRM - ok
16:13:57.0010 0x147c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
16:13:57.0072 0x147c WinUsb - ok
16:13:57.0317 0x147c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
16:13:57.0411 0x147c Wlansvc - ok
16:13:57.0473 0x147c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:13:57.0522 0x147c WmiAcpi - ok
16:13:57.0647 0x147c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:13:57.0725 0x147c wmiApSrv - ok
16:13:57.0803 0x147c WMPNetworkSvc - ok
16:13:57.0850 0x147c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:13:57.0912 0x147c WPCSvc - ok
16:13:57.0983 0x147c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:13:58.0045 0x147c WPDBusEnum - ok
16:13:58.0109 0x147c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:13:58.0187 0x147c ws2ifsl - ok
16:13:58.0234 0x147c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
16:13:58.0344 0x147c wscsvc - ok
16:13:58.0409 0x147c [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
16:13:58.0487 0x147c WSDPrintDevice - ok
16:13:58.0487 0x147c WSearch - ok
16:13:59.0211 0x147c [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv C:\Windows\system32\wuaueng.dll
16:13:59.0493 0x147c wuauserv - ok
16:13:59.0571 0x147c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:13:59.0665 0x147c WudfPf - ok
16:13:59.0790 0x147c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\drivers\WUDFRd.sys
16:13:59.0930 0x147c WUDFRd - ok
16:13:59.0985 0x147c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:14:00.0063 0x147c wudfsvc - ok
16:14:00.0157 0x147c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
16:14:00.0285 0x147c WwanSvc - ok
16:14:00.0395 0x147c ================ Scan global ===============================
16:14:00.0473 0x147c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:14:00.0599 0x147c [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
16:14:00.0646 0x147c [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
16:14:00.0724 0x147c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:14:00.0881 0x147c [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
16:14:00.0912 0x147c [ Global ] - ok
16:14:00.0912 0x147c ================ Scan MBR ==================================
16:14:00.0927 0x147c [ 9C51D3FD2697BD2AE931BE1D6F1E6FFA ] \Device\Harddisk0\DR0
16:14:02.0843 0x147c \Device\Harddisk0\DR0 - ok
16:14:02.0843 0x147c ================ Scan VBR ==================================
16:14:02.0859 0x147c [ 217A2400DF100BF70D5F95A52F6820F6 ] \Device\Harddisk0\DR0\Partition1
16:14:02.0977 0x147c \Device\Harddisk0\DR0\Partition1 - ok
16:14:03.0008 0x147c [ B0BBD2C3291EE13C7B2564AC5867F66B ] \Device\Harddisk0\DR0\Partition2
16:14:03.0080 0x147c \Device\Harddisk0\DR0\Partition2 - ok
16:14:03.0080 0x147c ================ Scan generic autorun ======================
16:14:03.0216 0x147c [ 5AF1E9600E3FF841E522703A4993ED0C, 5189530793747C40B0E3548DA40058989C88A69C593C3E54E6548CFB89B9CE10 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
16:14:03.0247 0x147c IAAnotif - ok
16:14:04.0364 0x147c [ C7065803783E15DE2A1281D81D849398, 1B4592F0C68BD70A8833418723E6C7EA912478189AAC3D906B2C19E86810122E ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
16:14:04.0608 0x147c RtHDVCpl - ok
16:14:04.0785 0x147c [ EACD1E5D078CCE955A6EDC42FDE207F3, 0ADB01D9AD339F59673F425ACACDAA1FFF641A483A6E078B935B5CD5134C7050 ] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe
16:14:04.0831 0x147c Acer ePower Management - ok
16:14:04.0894 0x147c [ 97909391D25CC325AC73A804DD96338F, EDC84B5A1470DBC760BDBCE9841D7C24AF27FC12F4F81EF17238E730D2F7AFEA ] C:\Windows\system32\igfxtray.exe
16:14:04.0941 0x147c IgfxTray - ok
16:14:05.0019 0x147c [ 5F8508700D0DCAFA082B996BD56BD1F8, 721033A591D6CA5341437A1C834A2ECF000FCDF0EF749B5256CDC1C114A50ECB ] C:\Windows\system32\hkcmd.exe
16:14:05.0081 0x147c HotKeysCmds - ok
16:14:05.0160 0x147c [ 7B81880AC42048E7C7553545A59247CA, C17713E5A2F98E2D297E940B509FE16AA38DB1BA4769EDBD1B8E2BFF127472E7 ] C:\Windows\system32\igfxpers.exe
16:14:05.0191 0x147c Persistence - ok
16:14:05.0191 0x147c NvCplDaemon - ok
16:14:05.0191 0x147c SynTPEnh - ok
16:14:05.0521 0x147c [ A58C6C5E5953B3C837537BBCF3767E69, 398C1D04BEF85E9FC6E1EE42F7341DE4302FF66ADC054A03D12253D261A6F589 ] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
16:14:05.0568 0x147c COMODO Internet Security - ok
16:14:05.0771 0x147c [ 887E31727394E2998A471A01A521EAB4, E68D0C778BAAB307E6BDDA151787D31FC16AD83ADE3FE848353998D111A9AC0C ] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
16:14:05.0818 0x147c DivXMediaServer - detected UnsignedFile.Multi.Generic ( 1 )
16:14:08.0212 0x147c Detect skipped due to KSN trusted
16:14:08.0212 0x147c DivXMediaServer - ok
16:14:08.0338 0x147c [ 22B6BC5733A4447721BC8FA8A2BE7BE2, D58E032C7094E63E17ACB1BB93686F7821797FAC9317D18957D924538ED6958E ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
16:14:08.0370 0x147c Cisco AnyConnect Secure Mobility Agent for Windows - ok
16:14:08.0595 0x147c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:14:08.0689 0x147c Sidebar - ok
16:14:08.0767 0x147c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:14:08.0838 0x147c mctadmin - ok
16:14:09.0036 0x147c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:14:09.0083 0x147c Sidebar - ok
16:14:09.0114 0x147c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:14:09.0145 0x147c mctadmin - ok
16:14:09.0437 0x147c [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
16:14:09.0562 0x147c Sidebar - ok
16:14:10.0125 0x147c [ 3BBEC4CC2A388B4C5D1EFE20EAD7D98F, CBC6603819660C63E09F13D9F541394F3BFED3A3D6F1BDE85843FDF4C162D566 ] C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
16:14:10.0162 0x147c GoogleChromeAutoLaunch_63D8154278637FAC558C6DCA49B059DF - ok
16:14:10.0973 0x147c [ 5B2563A9BE9FAAC40763ADB6E5D4B75B, 85FB1B2D2163C2BB50A26BB7FF0E293E46163E790B67FF29800518841FC62157 ] C:\Users\Basti\AppData\Roaming\Spotify\SpotifyWebHelper.exe
16:14:11.0051 0x147c Spotify Web Helper - ok
16:14:11.0145 0x147c [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] C:\Users\Basti\AppData\Local\Google\Update\GoogleUpdate.exe
16:14:11.0161 0x147c Google Update - ok
16:14:11.0161 0x147c Waiting for KSN requests completion. In queue: 15
16:14:12.0171 0x147c Waiting for KSN requests completion. In queue: 15
16:14:13.0186 0x147c Waiting for KSN requests completion. In queue: 15
16:14:14.0677 0x147c AV detected via SS2: COMODO Antivirus, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 8.0.0.4344 ), 0x61000 ( enabled : updated )
16:14:14.0677 0x147c FW detected via SS2: COMODO Firewall, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 8.0.0.4344 ), 0x61010 ( enabled )
16:14:17.0134 0x147c ============================================================
16:14:17.0134 0x147c Scan finished
16:14:17.0134 0x147c ============================================================
16:14:17.0149 0x1790 Detected object count: 0
16:14:17.0149 0x1790 Actual detected object count: 0
16:14:54.0434 0x1578 Deinitialize success
ich musste einfach den Dienst "Design" neustarten... Danke trotzdem. BG |
|
25.07.2015, 10:41
| #5 |
| /// the machine /// TB-Ausbilder | Windows Update? Aero Design weg - bei mir auch Kannst trotzdem noch die ADware deinstallieren  Yahoo Community Smartbar
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windows Update? Aero Design weg - bei mir auch |
| aero design, chromium, design, installier, installiert, kollege, laufe, laufen, problem, scan, update, windows, windows 7 update fehler, windows update |
Linear-Darstellung
