Trojaner-Board


Faru 26.03.2015 14:43

Suspected Trojan!
 
Hello dear Trojaner-Board team,
Yesterday my Steam account and items worth 300 euros were stolen (that is not meant to be the topic here), but this appears to have happened via a keylogger that I received over Skype. (It was an .exe file from someone I actually trusted.) I then ran Malwarebytes over the system, and it found and destroyed 11 Trojans, keyloggers, etc. However, one file always remains even after removal, "Heuristics.Reserved.Word.Exploit", and my disk usage rises to 100% at regular intervals. Now I am worried that the keylogger could still be active and that changing my passwords could be useless.

Best regards, Franky

schrauber 26.03.2015 14:51

hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be located on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


Faru 26.03.2015 15:07


FRST Logfile:
Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Sebi (administrator) on PC-SEBI on 26-03-2015 15:05:32
Running from C:\Users\Sebi\Downloads
Loaded Profiles: Sebi (Available profiles: Sebi)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\3DataManager\WTGService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
() C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\upnpsvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876304 2013-01-18] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [457616 2014-10-03] ()
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2015-01-06] (Razer Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-24] ( (Atheros Communications))
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888896 2015-03-24] (Valve Corporation)
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Run: [UPNP Service] => C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\upnpsvc.exe [902144 2015-03-25] ()
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\MountPoints2: {3ef3322e-f63a-11e2-be6c-806e6f6e6963} - "D:\SETUP.EXE"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk
ShortcutTarget: Launcher.lnk -> C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
BootExecute: autocheck autochk /r \??\C:autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2171534533-33094092-2416115179-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2171534533-33094092-2416115179-1002 -> DefaultScope {6C84E0BC-9872-4A8D-8BD9-601B5D96A660} URL =
SearchScopes: HKU\S-1-5-21-2171534533-33094092-2416115179-1002 -> {6C84E0BC-9872-4A8D-8BD9-601B5D96A660} URL =
SearchScopes: HKU\S-1-5-21-2171534533-33094092-2416115179-1002 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-01-24] (Qualcomm Atheros Commnucations)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} ->  No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} ->  No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Sebi\AppData\Roaming\Mozilla\Firefox\Profiles\qx7gcp5k.default
FF Homepage: https://www.google.at
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll [2014-11-28] (Reto-Moto ApS)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-22] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin HKU\S-1-5-21-2171534533-33094092-2416115179-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sebi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-01-26] (Unity Technologies ApS)
FF Extension: Adblock Plus - C:\Users\Sebi\AppData\Roaming\Mozilla\Firefox\Profiles\qx7gcp5k.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-11]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-24] (Qualcomm Atheros Commnucations) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-30] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-15] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\3DataManager\WTGService.exe [343024 2012-07-05] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-24] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 rzdaendpt; C:\Windows\System32\drivers\rzdaendpt.sys [33448 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R3 rzvkeyboard; C:\Windows\System32\drivers\rzvkeyboard.sys [31912 2014-12-30] (Razer Inc)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-26 15:05 - 2015-03-26 15:05 - 02095616 _____ (Farbar) C:\Users\Sebi\Downloads\FRST64.exe
2015-03-26 15:05 - 2015-03-26 15:05 - 00018894 _____ () C:\Users\Sebi\Downloads\FRST.txt
2015-03-26 15:05 - 2015-03-26 15:05 - 00000000 ____D () C:\FRST
2015-03-25 20:48 - 2015-03-26 12:26 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-25 20:48 - 2015-03-25 20:48 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-25 20:48 - 2015-03-25 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-25 20:48 - 2015-03-25 20:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-25 20:48 - 2015-03-25 20:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-25 20:48 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-25 20:48 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-03-25 20:48 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-03-25 20:45 - 2015-03-25 20:45 - 01203488 _____ () C:\Users\Sebi\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2015-03-25 18:24 - 2015-03-25 18:24 - 01203488 _____ () C:\Users\Sebi\Downloads\Paint NET - CHIP-Installer(1).exe
2015-03-25 11:35 - 2015-03-11 03:38 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-03-25 11:35 - 2015-03-10 23:08 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-03-25 11:35 - 2015-03-10 23:08 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-03-25 11:35 - 2015-03-10 23:08 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-03-25 11:35 - 2015-03-10 23:08 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-03-25 11:35 - 2015-03-10 23:08 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-03-25 11:35 - 2015-03-10 23:08 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-03-24 13:09 - 2015-03-24 13:17 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4
2015-03-24 10:15 - 2015-03-24 10:15 - 01054912 _____ (Adobe) C:\Users\Sebi\Downloads\install_flashplayer17x32au_ltr5x64d_awc_aih.exe
2015-03-24 01:29 - 2015-03-24 01:29 - 00000000 __SHD () C:\Users\Sebi\AppData\Roaming\FolderName
2015-03-24 01:22 - 2015-03-24 01:22 - 00000000 ____D () C:\Users\Sebi\AppData\Local\Skype
2015-03-24 01:21 - 2015-03-25 21:09 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\Skype
2015-03-24 01:21 - 2015-03-24 01:21 - 00002715 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-03-24 01:21 - 2015-03-24 01:21 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-24 01:21 - 2015-03-24 01:21 - 00000000 ____D () C:\ProgramData\Skype
2015-03-24 01:21 - 2015-03-24 01:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-03-24 01:20 - 2015-03-24 01:20 - 00003134 _____ () C:\WINDOWS\System32\Tasks\{99D679EF-1A1A-4D6A-8435-4AAA89B03323}
2015-03-22 01:33 - 2015-03-22 01:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-19 21:08 - 2015-03-19 21:08 - 00000000 ____D () C:\Users\Sebi\Documents\Benutzerdefinierte Office-Vorlagen
2015-03-16 19:08 - 2015-03-16 19:08 - 00000222 _____ () C:\Users\Sebi\Desktop\South Park The Stick of Truth.url
2015-03-11 11:35 - 2015-02-04 00:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-03-11 11:35 - 2015-02-04 00:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-03-11 11:35 - 2015-01-27 04:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-03-11 11:35 - 2015-01-24 02:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-03-11 11:34 - 2015-03-06 03:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-11 11:34 - 2015-03-06 03:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-11 11:34 - 2015-02-26 00:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-11 11:34 - 2015-02-20 04:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-03-11 11:34 - 2015-02-20 03:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-03-11 11:34 - 2015-02-20 03:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-03-11 11:34 - 2015-02-20 03:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-03-11 11:34 - 2015-02-07 00:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-11 11:34 - 2015-02-06 02:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-03-11 11:34 - 2015-02-06 02:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-03-11 11:34 - 2015-02-05 21:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-03-11 11:34 - 2015-02-04 00:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-03-11 11:34 - 2015-02-03 00:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-03-11 11:34 - 2015-02-03 00:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-03-11 11:34 - 2015-01-31 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-03-11 11:34 - 2015-01-31 00:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-03-11 11:34 - 2015-01-30 04:01 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-03-11 11:34 - 2015-01-30 04:00 - 00167424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2015-03-11 11:34 - 2015-01-29 02:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-03-11 11:34 - 2015-01-29 02:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-03-11 11:34 - 2015-01-29 02:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-03-11 11:34 - 2015-01-29 02:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-03-11 11:34 - 2015-01-23 08:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-03-11 11:34 - 2015-01-23 06:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-03-11 11:34 - 2014-10-29 03:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-03-11 11:34 - 2014-10-29 03:46 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2015-03-11 11:34 - 2014-10-29 03:46 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2015-03-11 11:34 - 2014-10-29 03:45 - 01198080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-03-11 11:34 - 2014-10-29 03:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-03-11 11:34 - 2014-10-29 03:44 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-03-11 11:34 - 2014-10-29 03:43 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2015-03-11 11:34 - 2014-10-29 03:34 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-03-11 11:34 - 2014-10-29 03:04 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2015-03-11 11:34 - 2014-10-29 03:04 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-03-11 11:34 - 2014-10-29 03:03 - 00241152 ____C (Microsoft Corporation) C:\WINDOWS\system32\fsquirt.exe
2015-03-11 11:34 - 2014-10-29 03:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-03-11 11:34 - 2014-10-29 03:00 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-03-11 11:34 - 2014-10-29 02:58 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2015-03-11 11:34 - 2014-10-29 02:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2015-03-11 11:34 - 2014-10-29 02:51 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-03-11 11:34 - 2014-10-29 02:45 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2015-03-11 11:34 - 2014-10-29 02:28 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2015-03-11 11:34 - 2014-10-29 02:20 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-03-11 11:34 - 2014-10-29 02:15 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2015-03-11 11:34 - 2014-10-29 01:55 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2015-03-11 11:34 - 2014-10-29 01:44 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2015-03-11 11:34 - 2014-10-29 01:41 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2015-03-11 11:34 - 2014-10-29 01:35 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2015-03-11 11:33 - 2015-02-03 01:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-03-11 11:33 - 2015-02-03 01:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-11 11:33 - 2015-01-31 00:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-03-11 11:33 - 2015-01-30 03:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-03-11 11:33 - 2015-01-30 03:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-03-11 11:33 - 2015-01-30 03:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-03-11 11:33 - 2015-01-30 02:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-03-11 11:33 - 2015-01-30 02:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-03-11 11:33 - 2015-01-30 02:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-03-11 11:33 - 2015-01-30 02:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-03-11 11:33 - 2015-01-30 02:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-03-11 11:33 - 2015-01-30 02:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-03-11 11:33 - 2015-01-30 02:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-03-11 11:33 - 2015-01-30 02:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-03-11 11:33 - 2015-01-30 02:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-03-11 11:33 - 2015-01-30 02:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-03-11 11:33 - 2015-01-29 02:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 11:33 - 2015-01-29 02:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 11:33 - 2015-01-29 01:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-03-11 11:33 - 2015-01-29 01:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-03-11 11:33 - 2015-01-29 01:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-03-11 11:33 - 2015-01-29 01:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-03-11 11:33 - 2015-01-28 16:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-11 11:33 - 2015-01-28 16:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-11 11:33 - 2015-01-28 16:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-11 11:33 - 2015-01-28 03:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-11 11:33 - 2015-01-28 02:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-03-11 11:33 - 2015-01-27 05:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-03-11 11:33 - 2015-01-27 03:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-03-11 11:33 - 2014-10-29 04:56 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2015-03-11 11:33 - 2014-10-29 03:37 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2015-03-11 11:33 - 2014-10-29 03:34 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2015-03-11 11:33 - 2014-10-29 03:34 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2015-03-11 11:33 - 2014-10-29 02:28 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2015-03-11 11:33 - 2014-10-29 02:19 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2015-03-11 11:33 - 2014-10-29 02:13 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-03-11 11:33 - 2014-10-29 01:59 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2015-03-11 11:33 - 2014-10-29 01:55 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-11 11:30 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-11 11:30 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-11 11:30 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-11 11:30 - 2015-02-21 01:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-11 11:30 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-11 11:30 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-11 11:30 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-11 11:30 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-11 11:30 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-11 11:30 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-11 11:30 - 2015-02-20 03:35 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-11 11:30 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-03-11 11:30 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-11 11:30 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-11 11:30 - 2015-02-20 03:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-11 11:30 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-11 11:30 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-11 11:30 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-11 11:30 - 2015-02-20 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-11 11:30 - 2015-02-20 02:56 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-11 11:30 - 2015-02-20 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-11 11:30 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-11 11:30 - 2015-02-20 02:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-11 11:30 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-03-11 11:30 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-11 11:30 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-11 11:30 - 2015-02-20 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-11 11:30 - 2015-02-20 02:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-11 11:30 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-11 11:30 - 2015-02-20 02:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-11 11:30 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-11 11:30 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-11 11:30 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-11 11:30 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-11 11:30 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-11 11:30 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-11 11:30 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-11 11:29 - 2015-02-12 18:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-03-11 11:29 - 2015-02-12 18:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-03-11 11:29 - 2015-01-29 19:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-11 11:29 - 2015-01-29 19:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-11 11:29 - 2014-12-11 06:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-11 11:28 - 2015-02-08 00:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-11 11:28 - 2015-02-08 00:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-11 11:28 - 2015-01-28 02:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-03-11 11:28 - 2015-01-28 02:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-03-11 11:28 - 2015-01-28 00:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-03-11 11:28 - 2015-01-28 00:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-03-11 11:28 - 2015-01-21 06:54 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-11 11:28 - 2015-01-21 06:15 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-09 22:44 - 2015-03-09 22:44 - 00004856 _____ () C:\Users\Sebi\Downloads\config_ endde83.zip
2015-02-25 11:46 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-02-25 11:46 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-02-25 11:46 - 2014-10-29 02:27 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-02-25 11:46 - 2014-10-29 02:27 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2015-02-25 11:46 - 2014-10-29 02:04 - 00868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-02-25 11:46 - 2014-10-29 02:04 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-26 15:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-26 14:44 - 2015-01-07 20:04 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-26 14:26 - 2015-01-27 09:50 - 00005126 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for Pc-Sebi-Sebi Pc-Sebi
2015-03-26 14:18 - 2014-12-15 12:27 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-26 13:50 - 2015-01-14 16:30 - 01353488 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-26 13:15 - 2015-01-14 14:41 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\TS3Client
2015-03-26 12:30 - 2014-09-24 07:17 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-26 12:30 - 2014-09-24 06:43 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-03-26 12:30 - 2014-09-24 06:43 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-03-26 12:29 - 2015-01-28 11:43 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{708BD5AD-2F5C-4A11-8A1A-FE53B4E2038D}
2015-03-26 12:29 - 2014-12-14 15:41 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2171534533-33094092-2416115179-1002
2015-03-26 12:26 - 2015-01-27 09:50 - 00000000 ___DO () C:\Users\Sebi\OneDrive
2015-03-26 12:24 - 2013-08-22 15:46 - 00341515 _____ () C:\WINDOWS\setupact.log
2015-03-26 12:24 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-26 12:23 - 2014-09-23 22:06 - 00013292 _____ () C:\WINDOWS\PFRO.log
2015-03-26 12:23 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-03-26 02:45 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-25 22:40 - 2015-01-14 16:37 - 00000000 ____D () C:\Users\Sebi
2015-03-25 21:58 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\tracing
2015-03-25 21:25 - 2015-01-11 14:17 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-03-25 21:25 - 2014-09-24 08:43 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-03-25 20:42 - 2015-01-22 13:39 - 00100352 ___SH () C:\Users\Sebi\Desktop\Thumbs.db
2015-03-25 19:16 - 2015-01-27 21:10 - 06528454 _____ () C:\Users\Sebi\Downloads\paint.net.4.0.5.install.zip
2015-03-25 13:14 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-25 12:14 - 2015-01-22 13:43 - 00000000 ____D () C:\Users\Sebi\AppData\Local\Deployment
2015-03-25 12:14 - 2014-12-14 15:35 - 00000000 ____D () C:\Users\Sebi\AppData\Local\Packages
2015-03-24 10:10 - 2014-12-14 15:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-21 16:51 - 2015-01-08 16:45 - 00000072 _____ () C:\Users\Public\LMDebug.log
2015-03-18 14:23 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-17 18:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-17 10:15 - 2013-08-22 15:44 - 00372192 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-17 10:12 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-17 10:12 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-17 10:12 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-17 10:12 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-17 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-03-17 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-17 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-17 10:08 - 2015-01-22 13:23 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-17 01:20 - 2015-01-13 01:54 - 00000000 ____D () C:\Users\Sebi\Documents\My Games
2015-03-16 19:08 - 2015-01-07 21:10 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-13 21:13 - 2015-01-08 13:00 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-13 21:10 - 2015-01-08 13:00 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-13 15:07 - 2015-01-22 13:55 - 00003092 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2171534533-33094092-2416115179-1002
2015-03-04 22:24 - 2014-09-24 08:46 - 00792032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-03-04 22:24 - 2014-09-24 08:46 - 00178144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2013-07-26 22:46 - 2013-07-26 22:46 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Sebi\AppData\Local\Temp\notepad.exe
C:\Users\Sebi\AppData\Local\Temp\svhost.exe
C:\Users\Sebi\AppData\Local\Temp\tmp1287.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp130F.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp1426.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp18CD.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp1C9D.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp296D.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp33FE.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp3E27.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp4F26.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp559B.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp7170.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp8229.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp8D7F.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp9105.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmpB934.tmp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-24 19:05

==================== End Of Log ============================

FRST Additions Logfile:
Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Sebi at 2015-03-26 15:06:13
Running from C:\Users\Sebi\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
3DataManager (HKLM-x32\...\3DataManager) (Version: 3.5 - 3DataManager)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{81C6F800-A69B-4E70-9DC0-74732F8B00E7}) (Version: 1.00.3015 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3003 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
Acer USB Charge Manager (HKLM\...\{07E867C5-0C48-40FF-A013-DDAF4565AD47}) (Version: 2.00.3003 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3729_45993 - CyberLink Corp.)
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
ETDWare PS/2-X64 11.6.19.204_WHQL (HKLM\...\Elantech) (Version: 11.6.19.204 - ELAN Microelectronic Corp.)
Fallout 3 (HKLM-x32\...\Steam App 22300) (Version:  - Bethesda Game Studios)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Heroes & Generals (HKLM-x32\...\Heroes & Generals) (Version: 1.0.6.1 - Reto-Moto)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version:  - Reto-Moto)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - TaleWorlds Entertainment)
Mozilla Firefox 36.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 de)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51r2 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.39 - Qualcomm Atheros)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.23944 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.28130 - Realtek Semiconductor Corp.)
Rome: Total War (HKLM-x32\...\Steam App 4760) (Version:  - The Creative Assembly)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version:  - Obsidian Entertainment)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Unity Web Player (HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\UnityWebPlayer) (Version: 4.6.2f1 - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2171534533-33094092-2416115179-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2171534533-33094092-2416115179-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Sebi\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

07-03-2015 22:12:40 Geplanter Prüfpunkt
11-03-2015 15:17:01 Windows Update
20-03-2015 18:27:37 Geplanter Prüfpunkt
25-03-2015 13:13:18 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {048EDF98-5395-4B4A-A4AE-0C01C2AD25C5} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2013-02-08] ()
Task: {07A37BFB-078B-428D-8DFD-BA64327A11B8} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {0DB334BF-6987-4E2B-96BE-3EBC5CB50E24} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2013-02-08] (CyberLink)
Task: {1FA3ADCD-3E5F-4A9B-97C1-A948EF8E32A5} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {379D7190-7201-4AC1-A082-7A9CF3AEA06A} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Pc-Sebi-Sebi Pc-Sebi => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-02-10] (Microsoft Corporation)
Task: {6F9B6353-ADBA-4418-AE9A-8BDF2AE3F2C1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-03-13] (Microsoft Corporation)
Task: {821453E6-0E72-4560-8BE6-D7FF27264BA9} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2013-02-08] ()
Task: {8F2B5D50-FC49-4F37-99F2-E4CA803398A2} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {91C8B8FF-370B-4C56-81CE-BEFBB9505A85} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {96F9643F-1E6E-4D67-84E6-46E8A23DC2DD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {972E839B-849C-4E34-9B06-255B9ACFA0DE} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-03-15] (Acer Incorporate)
Task: {A33100ED-9FC4-4360-B30D-0A002258FE2C} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2171534533-33094092-2416115179-1002 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {BF13BF75-3C83-4114-BE40-214A5D91A460} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated)
Task: {E0016269-49ED-4B59-9C2E-237CEE23361A} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {E2B7A516-08CF-4EE9-A635-47414568D8AA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {EDB89799-6E7B-43E0-A4CB-72B49450E43A} - System32\Tasks\{99D679EF-1A1A-4D6A-8435-4AAA89B03323} => Firefox.exe hxxp://ui.skype.com/ui/0/7.2.0.103/de/abandoninstall?source=lightinstaller&page=tsBing
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2015-02-05 22:44 - 2015-01-10 09:07 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-02-05 22:47 - 2015-01-10 00:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-24 10:42 - 2014-09-24 10:42 - 00034304 _____ () C:\WINDOWS\System32\ssj1mlm.dll
2015-01-22 13:37 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-12-09 23:22 - 2014-12-09 23:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-12-14 15:37 - 2012-07-05 05:03 - 00343024 ____N () C:\Program Files (x86)\3DataManager\WTGService.exe
2014-10-03 17:36 - 2014-10-03 17:36 - 00457616 _____ () C:\WINDOWS\system32\igfxTray.exe
2013-01-24 23:09 - 2013-01-24 23:09 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-24 23:05 - 2013-01-24 23:05 - 00084992 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-24 23:12 - 2013-01-24 23:12 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2015-03-24 13:09 - 2015-03-25 17:52 - 00902144 _____ () C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\upnpsvc.exe
2013-02-08 22:24 - 2013-02-08 22:24 - 00025672 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2013-02-08 22:24 - 2013-02-08 22:24 - 00044616 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2015-02-05 22:44 - 2015-01-10 09:07 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-01-07 20:25 - 2015-03-10 07:37 - 00775680 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 09:42 - 2014-12-02 01:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-07 20:25 - 2015-03-24 05:22 - 02371776 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-20 09:42 - 2014-12-02 01:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 09:42 - 2014-12-02 01:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-01-07 20:25 - 2014-12-01 22:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-01-07 20:25 - 2014-12-01 22:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-01-07 20:25 - 2014-12-01 22:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-01-07 20:25 - 2014-12-01 22:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-01-07 20:25 - 2014-12-01 22:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-01-07 20:25 - 2015-03-24 05:22 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-01-07 20:25 - 2015-02-25 02:58 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-07-26 22:42 - 2013-01-23 08:57 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-01-07 20:25 - 2015-02-25 02:58 - 01709960 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2015-01-22 13:39 - 2015-01-22 13:46 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-02-28 14:33 - 2014-02-28 14:33 - 00148480 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\quazip.dll
2014-02-27 14:46 - 2014-02-27 14:46 - 00864768 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 14:45 - 2014-02-27 14:45 - 00677376 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-08-04 14:43 - 2014-08-04 14:43 - 00092104 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
2014-08-04 14:43 - 2014-08-04 14:43 - 00105416 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
2014-02-27 14:46 - 2014-02-27 14:46 - 00025600 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 14:46 - 2014-02-27 14:46 - 00242688 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-08-04 14:45 - 2014-08-04 14:45 - 00477128 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-08-04 14:45 - 2014-08-04 14:45 - 00484808 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-27 14:46 - 2014-02-27 14:46 - 00123904 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Sebi\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2171534533-33094092-2416115179-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Sebi\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 10.0.0.138

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-2171534533-33094092-2416115179-500 - Administrator - Disabled)
Gast (S-1-5-21-2171534533-33094092-2416115179-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2171534533-33094092-2416115179-1004 - Limited - Enabled)
Sebi (S-1-5-21-2171534533-33094092-2416115179-1002 - Administrator - Enabled) => C:\Users\Sebi

==================== Faulty Device Manager Devices =============

Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (03/26/2015 00:55:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 36.0.4.5557, Zeitstempel: 0x550d0883
Name des fehlerhaften Moduls: mozalloc.dll, Version: 36.0.4.5557, Zeitstempel: 0x550cfa82
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001e02
ID des fehlerhaften Prozesses: 0x1fac
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (03/26/2015 00:55:18 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 36.0.4.5557 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 910

Startzeit: 01d0675435e3ec07

Endzeit: 26

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: 5f3b9f65-d34a-11e4-be94-0c84dc0bb3fc

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/25/2015 05:52:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4

Error: (03/25/2015 05:52:25 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (03/25/2015 05:52:25 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:

Error: (03/25/2015 05:52:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4

Error: (03/25/2015 05:52:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4

Error: (03/25/2015 05:52:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4

Error: (03/25/2015 05:52:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (03/25/2015 05:52:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll4


System errors:
=============
Error: (03/26/2015 00:25:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Norton Online Backup" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/26/2015 02:45:08 AM) (Source: DCOM) (EventID: 10010) (User: PC-SEBI)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (03/26/2015 02:45:07 AM) (Source: DCOM) (EventID: 10010) (User: PC-SEBI)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (03/25/2015 09:26:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%1062

Error: (03/25/2015 01:35:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (03/25/2015 01:35:47 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (03/24/2015 07:22:31 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "Acer" wurde eine Beschädigung erkannt.

In einer Indexstruktur des Dateisystems wurde eine Beschädigung gefunden. Die Dateireferenznummer ist 0x400000003a5b4. Der Name der Datei ist "\Windows\WinSxS". Das Attribut des beschädigten Indexes ist ":$I30:$INDEX_ALLOCATION".

Error: (03/24/2015 10:10:58 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎24.‎03.‎2015 um 01:30:08 unerwartet heruntergefahren.

Error: (03/20/2015 06:29:19 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "Acer" wurde eine Beschädigung erkannt.

Die genaue Art der Beschädigung ist unbekannt. Die Dateisystemstrukturen müssen online überprüft werden.

Error: (03/20/2015 06:29:19 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "Acer" wurde eine Beschädigung erkannt.

Die genaue Art der Beschädigung ist unbekannt. Die Dateisystemstrukturen müssen online überprüft werden.


Microsoft Office Sessions:
=========================
Error: (03/26/2015 00:55:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.4.5557550d0883mozalloc.dll36.0.4.5557550cfa828000000300001e021fac01d067551af2a6f6C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll63586f5e-d34a-11e4-be94-0c84dc0bb3fc

Error: (03/26/2015 00:55:18 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe36.0.4.555791001d0675435e3ec0726C:\Program Files (x86)\Mozilla Firefox\firefox.exe5f3b9f65-d34a-11e4-be94-0c84dc0bb3fc

Error: (03/25/2015 05:52:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4

Error: (03/25/2015 05:52:25 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (03/25/2015 05:52:25 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:

Error: (03/25/2015 05:52:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4

Error: (03/25/2015 05:52:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4

Error: (03/25/2015 05:52:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4

Error: (03/25/2015 05:52:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (03/25/2015 05:52:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll4


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz
Percentage of memory in use: 29%
Total physical RAM: 7848.28 MB
Available physical RAM: 5547.35 MB
Total Pagefile: 20136.28 MB
Available Pagefile: 17595.53 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:680.39 GB) (Free:575.92 GB) NTFS
Drive d: (FNV_GERMAN) (CDROM) (Total:6.94 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: D5A2F3FE)

Partition: GPT Partition Type.

==================== End Of Log ============================

--- --- ---

schrauber 26.03.2015 19:34

hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the on-screen instructions as described in the Malwarebytes Anti-Rootkit guide.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the detected objects, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder unless a helper instructs you to.

Please download TDSSKiller.exe and save this file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
In any case, please post its contents here in your thread.

Faru 27.03.2015 00:21

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
main: v2014.11.18.05
rootkit: v2014.11.12.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17690
Sebi :: PC-SEBI [administrator]

26.03.2015 19:40:47
mbar-log-2015-03-26 (19-40-47).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 903
Time elapsed: 35 second(s) [aborted]

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
main: v2015.03.26.06
rootkit: v2015.02.25.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17690
Sebi :: PC-SEBI [administrator]

26.03.2015 19:42:01
mbar-log-2015-03-26 (19-42-01).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 383072
Time elapsed: 23 minute(s), 44 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\$Recycle.Bin\S-1-5-21-2171534533-33094092-2416115179-1002\$RYN8C7E.Opener_mkdtfchztkfbm!App (Trojan.Siredef.C) -> Delete on reboot. [31edb8922d5dd561ce41818015ebe917]

Files Detected: 3
C:\Users\Sebi\AppData\Local\Temp\svhost.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot. [5bc3153594f671c58a2568fabf45b34d]
C:\$Recycle.Bin\S-1-5-21-2171534533-33094092-2416115179-1002\$RYN8C7E.Opener_mkdtfchztkfbm!App\autoexec.zip (Trojan.Siredef.C) -> Delete on reboot. [31edb8922d5dd561ce41818015ebe917]
C:\$Recycle.Bin\S-1-5-21-2171534533-33094092-2416115179-1002\$RYN8C7E.Opener_mkdtfchztkfbm!App\desktop.ini (Trojan.Siredef.C) -> Delete on reboot. [31edb8922d5dd561ce41818015ebe917]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Faru 27.03.2015 00:22

19:55:10.0053 0x32dc TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
19:55:10.0053 0x32dc UEFI system
19:55:16.0230 0x32dc ============================================================
19:55:16.0230 0x32dc Current date / time: 2015/03/26 19:55:16.0230
19:55:16.0230 0x32dc SystemInfo:
19:55:16.0230 0x32dc
19:55:16.0230 0x32dc OS Version: 6.3.9600 ServicePack: 0.0
19:55:16.0230 0x32dc Product type: Workstation
19:55:16.0230 0x32dc ComputerName: PC-SEBI
19:55:16.0230 0x32dc UserName: Sebi
19:55:16.0230 0x32dc Windows directory: C:\WINDOWS
19:55:16.0230 0x32dc System windows directory: C:\WINDOWS
19:55:16.0230 0x32dc Running under WOW64
19:55:16.0230 0x32dc Processor architecture: Intel x64
19:55:16.0230 0x32dc Number of processors: 8
19:55:16.0230 0x32dc Page size: 0x1000
19:55:16.0230 0x32dc Boot type: Normal boot
19:55:16.0230 0x32dc ============================================================
19:55:16.0995 0x32dc KLMD registered as C:\WINDOWS\system32\drivers\36275186.sys
19:55:17.0926 0x32dc System UUID: {709216AC-0719-4D3E-0608-78878E71E568}
19:55:18.0306 0x32dc Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:55:18.0319 0x32dc ============================================================
19:55:18.0319 0x32dc \Device\Harddisk0\DR0:
19:55:18.0331 0x32dc GPT partitions:
19:55:18.0348 0x32dc \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {4B4BCBCF-388D-491D-B645-29876054396B}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
19:55:18.0348 0x32dc \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {CB252A3B-B87A-4DA3-8022-5CFB812920BF}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x96000
19:55:18.0348 0x32dc \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {DA78E247-849C-4C25-867D-7D5332ACE11E}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
19:55:18.0349 0x32dc \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {5DF20FB8-C9CD-4594-92E3-78E76004AB24}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x550C6000
19:55:18.0349 0x32dc \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {84FC1ACD-89A8-47D0-AD31-F551D9F344CF}, Name: , StartLBA 0x55264800, BlocksNum 0xE1000
19:55:18.0349 0x32dc \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {51F7C55F-DA3A-41C2-8521-9BB7DAD6590C}, Name: Basic data partition, StartLBA 0x55345800, BlocksNum 0x2200800
19:55:18.0349 0x32dc MBR partitions:
19:55:18.0349 0x32dc ============================================================
19:55:18.0416 0x32dc C: <-> \Device\Harddisk0\DR0\Partition4
19:55:18.0416 0x32dc ============================================================
19:55:18.0416 0x32dc Initialize success
19:55:18.0416 0x32dc ============================================================
20:09:26.0571 0x0b68 ============================================================
20:09:26.0572 0x0b68 Scan started
20:09:26.0572 0x0b68 Mode: Manual;
20:09:26.0572 0x0b68 ============================================================
20:09:26.0572 0x0b68 KSN ping started
20:09:29.0015 0x0b68 KSN ping finished: true
20:09:36.0580 0x0b68 ================ Scan system memory ========================
20:09:36.0580 0x0b68 Scan was interrupted by user!
20:09:36.0624 0x0b68 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated )
20:09:36.0704 0x0b68 Win FW state via NFP2: enabled
20:09:39.0125 0x0b68 ============================================================
20:09:39.0125 0x0b68 Scan finished
20:09:39.0125 0x0b68 ============================================================
20:09:39.0151 0x0628 Detected object count: 0
20:09:39.0151 0x0628 Actual detected object count: 0
20:09:42.0371 0x32a8 Deinitialize success

00:17:05.0878 0x18c0 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
00:17:05.0878 0x18c0 UEFI system
00:17:08.0506 0x18c0 ============================================================
00:17:08.0506 0x18c0 Current date / time: 2015/03/27 00:17:08.0506
00:17:08.0506 0x18c0 SystemInfo:
00:17:08.0506 0x18c0
00:17:08.0506 0x18c0 OS Version: 6.3.9600 ServicePack: 0.0
00:17:08.0506 0x18c0 Product type: Workstation
00:17:08.0506 0x18c0 ComputerName: PC-SEBI
00:17:08.0506 0x18c0 UserName: Sebi
00:17:08.0506 0x18c0 Windows directory: C:\WINDOWS
00:17:08.0506 0x18c0 System windows directory: C:\WINDOWS
00:17:08.0506 0x18c0 Running under WOW64
00:17:08.0507 0x18c0 Processor architecture: Intel x64
00:17:08.0507 0x18c0 Number of processors: 8
00:17:08.0507 0x18c0 Page size: 0x1000
00:17:08.0507 0x18c0 Boot type: Normal boot
00:17:08.0507 0x18c0 ============================================================
00:17:09.0166 0x18c0 KLMD registered as C:\WINDOWS\system32\drivers\89492819.sys
00:17:09.0633 0x18c0 System UUID: {709216AC-0719-4D3E-0608-78878E71E568}
00:17:10.0023 0x18c0 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:17:10.0030 0x18c0 ============================================================
00:17:10.0030 0x18c0 \Device\Harddisk0\DR0:
00:17:10.0030 0x18c0 GPT partitions:
00:17:10.0031 0x18c0 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {4B4BCBCF-388D-491D-B645-29876054396B}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
00:17:10.0031 0x18c0 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {CB252A3B-B87A-4DA3-8022-5CFB812920BF}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x96000
00:17:10.0031 0x18c0 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {DA78E247-849C-4C25-867D-7D5332ACE11E}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
00:17:10.0031 0x18c0 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {5DF20FB8-C9CD-4594-92E3-78E76004AB24}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x550C6000
00:17:10.0031 0x18c0 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {84FC1ACD-89A8-47D0-AD31-F551D9F344CF}, Name: , StartLBA 0x55264800, BlocksNum 0xE1000
00:17:10.0031 0x18c0 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {51F7C55F-DA3A-41C2-8521-9BB7DAD6590C}, Name: Basic data partition, StartLBA 0x55345800, BlocksNum 0x2200800
00:17:10.0031 0x18c0 MBR partitions:
00:17:10.0031 0x18c0 ============================================================
00:17:10.0077 0x18c0 C: <-> \Device\Harddisk0\DR0\Partition4
00:17:10.0077 0x18c0 ============================================================
00:17:10.0077 0x18c0 Initialize success
00:17:10.0077 0x18c0 ============================================================
00:17:12.0334 0x1928 ============================================================
00:17:12.0334 0x1928 Scan started
00:17:12.0334 0x1928 Mode: Manual;
00:17:12.0334 0x1928 ============================================================
00:17:12.0334 0x1928 KSN ping started
00:17:14.0710 0x1928 KSN ping finished: true
00:17:20.0005 0x1928 ================ Scan system memory ========================
00:17:20.0005 0x1928 System memory - ok
00:17:20.0007 0x1928 ================ Scan services =============================
00:17:24.0192 0x1928 BTATH_LWFLT - ok
00:17:24.0207 0x1928 [ A6019537D6125099363F90D0C6D181F9, CA0C46AABBF71E2A29C93A477A06D33E3CACC84978DD9D729BEFB339E50D7055 ] BTATH_RCP C:\WINDOWS\System32\drivers\btath_rcp.sys
00:17:24.0210 0x1928 BTATH_RCP - ok
00:17:24.0245 0x1928 [ 239A81CC18170F3369D389DA65E74342, 5E26976176A6651B149784B1ED86ECCA133B7755EBB8B04361A8DDB705767AA3 ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys
00:17:24.0255 0x1928 BtFilter - ok
00:17:24.0289 0x1928 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
00:17:24.0290 0x1928 BthAvrcpTg - ok
00:17:24.0313 0x1928 [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
00:17:24.0315 0x1928 BthEnum - ok
00:17:24.0357 0x1928 [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
00:17:24.0358 0x1928 BthHFEnum - ok
00:17:24.0363 0x1928 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
00:17:24.0364 0x1928 bthhfhid - ok
00:17:24.0398 0x1928 [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
00:17:24.0404 0x1928 BthLEEnum - ok
00:17:24.0420 0x1928 [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
00:17:24.0424 0x1928 BTHMODEM - ok
00:17:24.0437 0x1928 [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
00:17:24.0442 0x1928 BthPan - ok
00:17:24.0695 0x1928 [ C37F4930795B771400C63C3C87E7A6C2, 0D0F54184B2DAA45F646E4F69B85C4411E8DFA88EB4763BB0F386055A420F217 ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
00:17:24.0761 0x1928 BTHPORT - ok
00:17:24.0807 0x1928 [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv C:\WINDOWS\system32\bthserv.dll
00:17:24.0813 0x1928 bthserv - ok
00:17:24.0838 0x1928 [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
00:17:24.0845 0x1928 BTHUSB - ok
00:17:25.0114 0x1928 [ 843F5EFF90A988617C5FFD8596A2B571, 69FF9731876E1CBA4BBF00557F0CBC73247165F8EB45F45A55CC0178A7B90D44 ] CCDMonitorService C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
00:17:25.0252 0x1928 CCDMonitorService - ok
00:17:25.0320 0x1928 [ E41F70406C34F1CB667B4B27D81AD162, 8869C7EB9CBF68B90640765D15DB5B8DACEF45025C1E580AA94D96E32560274B ] ccSet_NARA C:\WINDOWS\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys
00:17:25.0330 0x1928 ccSet_NARA - ok
00:17:25.0352 0x1928 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
00:17:25.0355 0x1928 cdfs - ok
00:17:25.0383 0x1928 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
00:17:25.0390 0x1928 cdrom - ok
00:17:25.0436 0x1928 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
00:17:25.0439 0x1928 CertPropSvc - ok
00:17:25.0460 0x1928 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
00:17:25.0461 0x1928 circlass - ok
00:17:25.0470 0x1928 [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
00:17:25.0476 0x1928 CLFS - ok
00:17:25.0864 0x1928 [ 880A6DAC6E03871B37A782155D189A53, 93659BB67236F5EBC317FD73879EB79EFB195728A2C0BC997881D3622C6CF981 ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
00:17:25.0938 0x1928 ClickToRunSvc - ok
00:17:26.0054 0x1928 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
00:17:26.0055 0x1928 CmBatt - ok
00:17:26.0110 0x1928 [ 3930E508DDA46C1FF68FD963F350AA0A, BF63F9C7AB30E2A8199D65EDD6DCBB797C93A4A0B972373643FBE1C38BCFA697 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
00:17:26.0133 0x1928 CNG - ok
00:17:26.0200 0x1928 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
00:17:26.0201 0x1928 CompositeBus - ok
00:17:26.0204 0x1928 COMSysApp - ok
00:17:26.0242 0x1928 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys
00:17:26.0244 0x1928 condrv - ok
00:17:26.0393 0x1928 [ 1154D3FBD01C35A2F9A2073BCB366452, 02F8CBDD8E2F321711528CFFC46E9F0B60CC779C34164E387E2E53DEB518B674 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
00:17:26.0451 0x1928 cphs - ok
00:17:26.0508 0x1928 [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
00:17:26.0515 0x1928 CryptSvc - ok
00:17:26.0530 0x1928 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys
00:17:26.0532 0x1928 dam - ok
00:17:26.0593 0x1928 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
00:17:26.0625 0x1928 DcomLaunch - ok
00:17:26.0666 0x1928 [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
00:17:26.0675 0x1928 defragsvc - ok
00:17:26.0707 0x1928 [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll
00:17:26.0715 0x1928 DeviceAssociationService - ok
00:17:26.0874 0x1928 [ D06DB4200F9444B2386E6C0E68CD574A, 7266A22D6AF86813CF8AB13BE40384D20C24CE72EF75B0C467C5F88F5B058B1E ] DeviceFastLaneService C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
00:17:26.0883 0x1928 DeviceFastLaneService - ok
00:17:26.0909 0x1928 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
00:17:26.0912 0x1928 DeviceInstall - ok
00:17:26.0943 0x1928 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
00:17:26.0945 0x1928 Dfsc - ok
00:17:26.0978 0x1928 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
00:17:26.0996 0x1928 dg_ssudbus - ok
00:17:27.0056 0x1928 [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
00:17:27.0092 0x1928 Dhcp - ok
00:17:27.0148 0x1928 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys
00:17:27.0152 0x1928 disk - ok
00:17:27.0181 0x1928 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
00:17:27.0182 0x1928 dmvsc - ok
00:17:27.0229 0x1928 [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
00:17:27.0236 0x1928 Dnscache - ok
00:17:27.0269 0x1928 [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\WINDOWS\System32\dot3svc.dll
00:17:27.0276 0x1928 dot3svc - ok
00:17:27.0293 0x1928 [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\WINDOWS\system32\dps.dll
00:17:27.0298 0x1928 DPS - ok
00:17:27.0312 0x1928 [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
00:17:27.0314 0x1928 drmkaud - ok
00:17:27.0348 0x1928 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
00:17:27.0354 0x1928 DsmSvc - ok
00:17:27.0418 0x1928 [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
00:17:27.0463 0x1928 DXGKrnl - ok
00:17:27.0492 0x1928 [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\WINDOWS\System32\eapsvc.dll
00:17:27.0494 0x1928 Eaphost - ok
00:17:27.0683 0x1928 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
00:17:27.0817 0x1928 ebdrv - ok
00:17:27.0877 0x1928 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\WINDOWS\System32\lsass.exe
00:17:27.0880 0x1928 EFS - ok
00:17:27.0912 0x1928 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
00:17:27.0914 0x1928 EhStorClass - ok
00:17:27.0934 0x1928 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
00:17:27.0938 0x1928 EhStorTcgDrv - ok
00:17:28.0045 0x1928 [ 616E1B9130314EB0E331197940AA625B, A4736A31EFF6D35A27B0EC14A7C855B7577301500E20CE936B0F1C0013F0FDF0 ] ePowerSvc C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
00:17:28.0066 0x1928 ePowerSvc - ok
00:17:28.0099 0x1928 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
00:17:28.0100 0x1928 ErrDev - ok
00:17:28.0131 0x1928 [ F3AED65F54A867CE73D76BA6032E3BDD, 488B65C2574655AC9C9231FF0B677CB3B90C38689D4DE592D8060091AFB83445 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys
00:17:28.0138 0x1928 ETD - ok
00:17:28.0225 0x1928 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\WINDOWS\system32\es.dll
00:17:28.0248 0x1928 EventSystem - ok
00:17:28.0280 0x1928 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
00:17:28.0284 0x1928 exfat - ok
00:17:28.0303 0x1928 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
00:17:28.0308 0x1928 fastfat - ok
00:17:28.0366 0x1928 [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\WINDOWS\system32\fxssvc.exe
00:17:28.0409 0x1928 Fax - ok
00:17:28.0424 0x1928 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
00:17:28.0425 0x1928 fdc - ok
00:17:28.0447 0x1928 [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\WINDOWS\system32\fdPHost.dll
00:17:28.0448 0x1928 fdPHost - ok
00:17:28.0459 0x1928 [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub C:\WINDOWS\system32\fdrespub.dll
00:17:28.0461 0x1928 FDResPub - ok
00:17:28.0480 0x1928 [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc C:\WINDOWS\system32\fhsvc.dll
00:17:28.0484 0x1928 fhsvc - ok
00:17:28.0512 0x1928 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
00:17:28.0514 0x1928 FileInfo - ok
00:17:28.0529 0x1928 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
00:17:28.0530 0x1928 Filetrace - ok
00:17:28.0548 0x1928 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
00:17:28.0550 0x1928 flpydisk - ok
00:17:28.0561 0x1928 [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
00:17:28.0569 0x1928 FltMgr - ok
00:17:28.0618 0x1928 [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache C:\WINDOWS\system32\FntCache.dll
00:17:28.0661 0x1928 FontCache - ok
00:17:28.0780 0x1928 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:17:28.0782 0x1928 FontCache3.0.0.0 - ok
00:17:28.0812 0x1928 [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
00:17:28.0816 0x1928 FsDepends - ok
00:17:28.0836 0x1928 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
00:17:28.0838 0x1928 Fs_Rec - ok
00:17:28.0878 0x1928 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
00:17:28.0892 0x1928 fvevol - ok
00:17:28.0915 0x1928 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
00:17:28.0916 0x1928 FxPPM - ok
00:17:28.0928 0x1928 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
00:17:28.0930 0x1928 gagp30kx - ok
00:17:29.0021 0x1928 [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
00:17:29.0032 0x1928 GamesAppService - ok
00:17:29.0066 0x1928 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
00:17:29.0067 0x1928 gencounter - ok
00:17:29.0227 0x1928 [ 4DF4ABCA09AF1530D712FA589CE3BE9F, 573C04358BBAEAEDFDC4F265627E8029295C31BB17C13B428D5694119AECEDAD ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
00:17:29.0250 0x1928 GfExperienceService - ok
00:17:29.0329 0x1928 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
00:17:29.0347 0x1928 GPIOClx0101 - ok
00:17:29.0524 0x1928 [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
00:17:29.0575 0x1928 gpsvc - ok
00:17:29.0634 0x1928 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
00:17:29.0639 0x1928 HDAudBus - ok
00:17:29.0661 0x1928 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
00:17:29.0663 0x1928 HidBatt - ok
00:17:29.0702 0x1928 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
00:17:29.0707 0x1928 HidBth - ok
00:17:29.0716 0x1928 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
00:17:29.0718 0x1928 hidi2c - ok
00:17:29.0750 0x1928 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
00:17:29.0752 0x1928 HidIr - ok
00:17:29.0772 0x1928 [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv C:\WINDOWS\system32\hidserv.dll
00:17:29.0773 0x1928 hidserv - ok
00:17:29.0784 0x1928 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
00:17:29.0785 0x1928 HidUsb - ok
00:17:29.0806 0x1928 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
00:17:29.0809 0x1928 hkmsvc - ok
00:17:29.0826 0x1928 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
00:17:29.0832 0x1928 HomeGroupListener - ok
00:17:29.0866 0x1928 [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
00:17:29.0874 0x1928 HomeGroupProvider - ok
00:17:29.0907 0x1928 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
00:17:29.0908 0x1928 HpSAMD - ok
00:17:29.0967 0x1928 [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
00:17:30.0012 0x1928 HTTP - ok
00:17:30.0041 0x1928 [ DDBB283835010E52E88AAC6995B617D7, 00BDD20B4C8DAEB1FCF545E453A09B473F19A99D1368DF8F63F0FA549766E466 ] huawei_enumerator C:\WINDOWS\System32\drivers\ew_jubusenum.sys
00:17:30.0043 0x1928 huawei_enumerator - ok
00:17:30.0060 0x1928 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
00:17:30.0061 0x1928 hwpolicy - ok
00:17:30.0071 0x1928 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
00:17:30.0072 0x1928 hyperkbd - ok
00:17:30.0087 0x1928 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
00:17:30.0088 0x1928 HyperVideo - ok
00:17:30.0108 0x1928 [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
00:17:30.0111 0x1928 i8042prt - ok
00:17:30.0127 0x1928 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
00:17:30.0128 0x1928 iaLPSSi_GPIO - ok
00:17:30.0147 0x1928 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
00:17:30.0149 0x1928 iaLPSSi_I2C - ok
00:17:30.0185 0x1928 [ FA4C48E36F0B24E7E33D3E7E1844B9C9, F61F448B8E305DEFDDA5D4A6FC4E57C798C11ED4DA0ACB885847DC8A9A7B4E98 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
00:17:30.0193 0x1928 iaStorA - ok
00:17:30.0271 0x1928 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
00:17:30.0292 0x1928 iaStorAV - ok
00:17:30.0328 0x1928 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
00:17:30.0335 0x1928 iaStorV - ok
00:17:30.0509 0x1928 [ ACD1812E8A531E1CEA09BA3991371E48, 87CAE32D26A36B0AEF8EC884CDFE3E6A572C9330206E004BD63423ED00BB5A62 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
00:17:30.0604 0x1928 IconMan_R - ok
00:17:30.0609 0x1928 IEEtwCollectorService - ok
00:17:30.0893 0x1928 [ 09F8023A17EE9EB0897A1B195428192B, 2DF018A24766E32E16F4B4FA9DA3D095BA42702B6869D4D1624A5EBF83805AF2 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
00:17:31.0032 0x1928 igfx - ok
00:17:31.0122 0x1928 [ F64E1962751A6DAA3FBB6210D6751E22, 972046FB7F0B443F9251F2F5B4AF0F8BAC2046B3EA295428BC888AAA568EC737 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
00:17:31.0129 0x1928 igfxCUIService1.0.0.0 - ok
00:17:31.0197 0x1928 [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT C:\WINDOWS\System32\ikeext.dll
00:17:31.0248 0x1928 IKEEXT - ok
00:17:31.0282 0x1928 [ CF25067821BB89E87021E9493C178863, 1AA25378EFD977BC6CD9405A395FA2962770385FAB5A9A55FC95B5F6DFD8D1AE ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
00:17:31.0284 0x1928 intaud_WaveExtensible - ok
00:17:31.0472 0x1928 [ 7D7711B0F972C73AE46105B42092D82E, AC66AE06B65C03BCEE2FF90732B13B651862382CDFEE85A6B5497DF3A2FF75A2 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
00:17:31.0553 0x1928 IntcAzAudAddService - ok
00:17:31.0608 0x1928 [ 0E0B99617ED3FDB6C5F0E2D62709B5DF, A656CA3A60E62BE16A015150B23136CE150F9876B4035E9E8D8E73D1707B37A4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
00:17:31.0616 0x1928 IntcDAud - ok
00:17:31.0784 0x1928 [ C6128F2E3DC6156C6F8828F9F1B96010, 612C1191AFB8F69BA5634E8C52BDDE608F57D98FA4C76C5A337676A5F1E8191D ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
00:17:31.0808 0x1928 Intel(R) Capability Licensing Service Interface - ok
00:17:31.0886 0x1928 [ 729AB4F0608E95EFF8FDEF23596283E2, 62A2091FF440C65505AB3E38436A86D9B0978BCB9485960EFCE0C5CBC8E06201 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
00:17:31.0906 0x1928 Intel(R) Capability Licensing Service TCP IP Interface - ok
00:17:31.0972 0x1928 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
00:17:31.0974 0x1928 intelide - ok
00:17:32.0004 0x1928 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
00:17:32.0007 0x1928 intelpep - ok
00:17:32.0028 0x1928 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
00:17:32.0033 0x1928 intelppm - ok
00:17:32.0051 0x1928 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
00:17:32.0054 0x1928 IpFilterDriver - ok
00:17:32.0115 0x1928 [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
00:17:32.0147 0x1928 iphlpsvc - ok
00:17:32.0177 0x1928 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
00:17:32.0179 0x1928 IPMIDRV - ok
00:17:32.0208 0x1928 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
00:17:32.0211 0x1928 IPNAT - ok
00:17:32.0241 0x1928 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
00:17:32.0242 0x1928 IRENUM - ok
00:17:32.0254 0x1928 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
00:17:32.0255 0x1928 isapnp - ok
00:17:32.0277 0x1928 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
00:17:32.0284 0x1928 iScsiPrt - ok
00:17:32.0306 0x1928 [ 2DB1E2AE4A0DE62026296F0A6C29F3F5, A5A3D4D5BF9FF1DB5AC3BE15699B52707C8EB71EFA8FA82E7AE7A0C52C224380 ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
00:17:32.0307 0x1928 iwdbus - ok
00:17:32.0410 0x1928 [ A326E83B46820EF62F7F0BA17A9DA542, 1CC6564B100517E62E7BACAC142F8B0C6B1800F16D9A25D95E9AA2C2CEC0E54B ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
00:17:32.0419 0x1928 jhi_service - ok
00:17:32.0445 0x1928 [ 45369E037410609D769852A1CE46A184, 752BE7BB167E602CD89D52E3A4382AF7C75033306E31884EC55872EF7A0A3EE2 ] k57nd60a C:\WINDOWS\system32\DRIVERS\k57nd60a.sys
00:17:32.0454 0x1928 k57nd60a - ok
00:17:32.0487 0x1928 [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
00:17:32.0489 0x1928 kbdclass - ok
00:17:32.0492 0x1928 [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
00:17:32.0493 0x1928 kbdhid - ok
00:17:32.0497 0x1928 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
00:17:32.0497 0x1928 kdnic - ok
00:17:32.0514 0x1928 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\WINDOWS\system32\lsass.exe
00:17:32.0515 0x1928 KeyIso - ok
00:17:32.0520 0x1928 [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
00:17:32.0522 0x1928 KSecDD - ok
00:17:32.0543 0x1928 [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
00:17:32.0546 0x1928 KSecPkg - ok
00:17:32.0549 0x1928 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
00:17:32.0550 0x1928 ksthunk - ok
00:17:32.0578 0x1928 [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
00:17:32.0585 0x1928 KtmRm - ok
00:17:32.0619 0x1928 [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
00:17:32.0625 0x1928 LanmanServer - ok
00:17:32.0659 0x1928 [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
00:17:32.0665 0x1928 LanmanWorkstation - ok
00:17:32.0699 0x1928 [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
00:17:32.0708 0x1928 lfsvc - ok
00:17:32.0726 0x1928 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
00:17:32.0728 0x1928 lltdio - ok
00:17:32.0764 0x1928 [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
00:17:32.0769 0x1928 lltdsvc - ok
00:17:32.0796 0x1928 [ 95DD1E89A772A383E0FDC677A2E2ED44, 94701ACC1F4D5422CB7084609BC25D34A05F68829DB5030AA6697BD7DBC3B0B2 ] LMDriver C:\WINDOWS\System32\drivers\LMDriver.sys
00:17:32.0797 0x1928 LMDriver - ok
00:17:32.0828 0x1928 [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
00:17:32.0829 0x1928 lmhosts - ok
00:17:32.0874 0x1928 [ 70C1B686CA9083970484DDDED4426A08, AA19295AC97EBE36E9CED4B162CBF1EEF4916B02FDA6255ACEF0492E79E94C64 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
00:17:32.0880 0x1928 LMS - ok
00:17:32.0917 0x1928 [ E1A37D1BF2F57345D078C324693F6A38, 99EF79344DB7EB1EBCABA716112FD23A350574BD67C451F421207E5341704504 ] LMSvc C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
00:17:32.0924 0x1928 LMSvc - ok
00:17:32.0969 0x1928 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
00:17:32.0976 0x1928 LSI_SAS - ok
00:17:33.0004 0x1928 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
00:17:33.0011 0x1928 LSI_SAS2 - ok
00:17:33.0057 0x1928 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
00:17:33.0063 0x1928 LSI_SAS3 - ok
00:17:33.0082 0x1928 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
00:17:33.0087 0x1928 LSI_SSS - ok
00:17:33.0168 0x1928 [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM C:\WINDOWS\System32\lsm.dll
00:17:33.0187 0x1928 LSM - ok
00:17:33.0233 0x1928 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
00:17:33.0237 0x1928 luafv - ok
00:17:33.0254 0x1928 [ CF12E148C6FC151335B7D7FE03F1C7A2, 7087DF6D884AF0A57AC22D7AE9C2903913AAB4CE52D19666B6513C3D5706E43C ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
00:17:33.0256 0x1928 MBAMProtector - ok
00:17:33.0324 0x1928 [ E27891A49DF92004041FEC5C3A2D4230, A4679A1F10F84935875E35A83FC7075499B8F4CBB543209A38C0D946347CD264 ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
00:17:33.0361 0x1928 MBAMService - ok
00:17:33.0395 0x1928 [ 7FD0FDFB97D80B21195273C4C3810FE1, E1072821AB338F45740DE6CF7BDB7C676CC67AB4BFC2ACF78773ABB424152D2C ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
00:17:33.0396 0x1928 MBAMWebAccessControl - ok
00:17:33.0450 0x1928 [ 1704A8189EE5580AB147CFD25C5C8770, DFA076FD36B5CC844D4BE3B865E9A1F809E14CCB1D78D82A2D8D8EE38210E6EB ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
00:17:33.0464 0x1928 McComponentHostService - ok
00:17:33.0507 0x1928 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys
00:17:33.0509 0x1928 megasas - ok
00:17:33.0550 0x1928 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
00:17:33.0573 0x1928 megasr - ok
00:17:33.0620 0x1928 [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
00:17:33.0621 0x1928 MEIx64 - ok
00:17:33.0660 0x1928 [ E97EE1F31F7E5349A06CE089658DA8A1, 8136155C734457E422331B3CBE67927C45FAB10B9B34789A612B58CF0E0E3BEC ] mfencrk C:\WINDOWS\system32\DRIVERS\mfencrk.sys
00:17:33.0663 0x1928 mfencrk - ok
00:17:33.0698 0x1928 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\WINDOWS\system32\mmcss.dll
00:17:33.0703 0x1928 MMCSS - ok
00:17:33.0724 0x1928 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys
00:17:33.0726 0x1928 Modem - ok
00:17:33.0750 0x1928 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
00:17:33.0751 0x1928 monitor - ok
00:17:33.0786 0x1928 [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
00:17:33.0787 0x1928 mouclass - ok
00:17:33.0794 0x1928 [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
00:17:33.0795 0x1928 mouhid - ok
00:17:33.0800 0x1928 [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
00:17:33.0802 0x1928 mountmgr - ok
00:17:33.0833 0x1928 [ 0A68B3E37961CEC327EED518F6D62530, EDEB16545ECDDEA2ADFF73E4DF3E9FD87E4B7126C8CFB037ABAF883D157103DE ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:17:33.0837 0x1928 MozillaMaintenance - ok
00:17:33.0852 0x1928 [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
00:17:33.0854 0x1928 mpsdrv - ok
00:17:33.0907 0x1928 [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
00:17:33.0929 0x1928 MpsSvc - ok
00:17:33.0992 0x1928 [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
00:17:33.0995 0x1928 MRxDAV - ok
00:17:34.0036 0x1928 [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
00:17:34.0043 0x1928 mrxsmb - ok
00:17:34.0069 0x1928 [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
00:17:34.0074 0x1928 mrxsmb10 - ok
00:17:34.0080 0x1928 [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
00:17:34.0084 0x1928 mrxsmb20 - ok
00:17:34.0105 0x1928 [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
00:17:34.0107 0x1928 MsBridge - ok
00:17:34.0132 0x1928 [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC C:\WINDOWS\System32\msdtc.exe
00:17:34.0135 0x1928 MSDTC - ok
00:17:34.0140 0x1928 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
00:17:34.0141 0x1928 Msfs - ok
00:17:34.0151 0x1928 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
00:17:34.0152 0x1928 msgpiowin32 - ok
00:17:34.0170 0x1928 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
00:17:34.0171 0x1928 mshidkmdf - ok
00:17:34.0186 0x1928 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
00:17:34.0187 0x1928 mshidumdf - ok
00:17:34.0196 0x1928 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
00:17:34.0197 0x1928 msisadrv - ok
00:17:34.0228 0x1928 [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
00:17:34.0232 0x1928 MSiSCSI - ok
00:17:34.0235 0x1928 msiserver - ok
00:17:34.0265 0x1928 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
00:17:34.0266 0x1928 MSKSSRV - ok
00:17:34.0299 0x1928 [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
00:17:34.0301 0x1928 MsLldp - ok
00:17:34.0317 0x1928 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
00:17:34.0318 0x1928 MSPCLOCK - ok
00:17:34.0327 0x1928 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
00:17:34.0328 0x1928 MSPQM - ok
00:17:34.0352 0x1928 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
00:17:34.0359 0x1928 MsRPC - ok
00:17:34.0364 0x1928 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
00:17:34.0365 0x1928 mssmbios - ok
00:17:34.0382 0x1928 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
00:17:34.0382 0x1928 MSTEE - ok
00:17:34.0399 0x1928 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
00:17:34.0400 0x1928 MTConfig - ok
00:17:34.0405 0x1928 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys
00:17:34.0406 0x1928 Mup - ok
00:17:34.0425 0x1928 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
00:17:34.0428 0x1928 mvumis - ok
00:17:34.0468 0x1928 [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent C:\WINDOWS\system32\qagentRT.dll
00:17:34.0476 0x1928 napagent - ok
00:17:34.0513 0x1928 [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
00:17:34.0521 0x1928 NativeWifiP - ok
00:17:34.0576 0x1928 [ E0E4A1F81A7D69C595A8A9DDAD084C19, 8F55F3637AE8BFFB0ACE37AFC5122026525137E0B2923899B779C1BD08DF0E22 ] NAUpdate c:\Program Files (x86)\Nero\Update\NASvc.exe
00:17:34.0589 0x1928 NAUpdate - ok
00:17:34.0612 0x1928 [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
00:17:34.0616 0x1928 NcaSvc - ok
00:17:34.0628 0x1928 [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService C:\WINDOWS\System32\ncbservice.dll
00:17:34.0632 0x1928 NcbService - ok
00:17:34.0645 0x1928 [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
00:17:34.0647 0x1928 NcdAutoSetup - ok
00:17:34.0698 0x1928 [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
00:17:34.0731 0x1928 NDIS - ok
00:17:34.0745 0x1928 [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
00:17:34.0746 0x1928 NdisCap - ok
00:17:34.0761 0x1928 [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
00:17:34.0764 0x1928 NdisImPlatform - ok
00:17:34.0788 0x1928 [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
00:17:34.0789 0x1928 NdisTapi - ok
00:17:34.0804 0x1928 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
00:17:34.0805 0x1928 Ndisuio - ok
00:17:34.0822 0x1928 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
00:17:34.0823 0x1928 NdisVirtualBus - ok
00:17:34.0847 0x1928 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
00:17:34.0852 0x1928 NdisWan - ok
00:17:34.0857 0x1928 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
00:17:34.0860 0x1928 NdisWanLegacy - ok
00:17:34.0875 0x1928 [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
00:17:34.0877 0x1928 NDProxy - ok
00:17:34.0904 0x1928 [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
00:17:34.0906 0x1928 Ndu - ok
00:17:34.0914 0x1928 [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
00:17:34.0916 0x1928 NetBIOS - ok
00:17:34.0924 0x1928 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
00:17:34.0929 0x1928 NetBT - ok
00:17:34.0938 0x1928 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon C:\WINDOWS\system32\lsass.exe
00:17:34.0939 0x1928 Netlogon - ok
00:17:34.0961 0x1928 [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman C:\WINDOWS\System32\netman.dll
00:17:34.0967 0x1928 Netman - ok
00:17:35.0002 0x1928 [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
00:17:35.0012 0x1928 netprofm - ok
00:17:35.0053 0x1928 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:17:35.0090 0x1928 NetTcpPortSharing - ok
00:17:35.0106 0x1928 [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\WINDOWS\system32\DRIVERS\netvsc63.sys
00:17:35.0108 0x1928 netvsc - ok
00:17:35.0143 0x1928 [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
00:17:35.0151 0x1928 NlaSvc - ok
00:17:35.0371 0x1928 [ 9B70CE32DD84A674B100BEA37F756016, 4B52FDA1FB24B02AE149AC70F46F3605B85A2A8AC5B948260BF53A5F076A674A ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
00:17:35.0478 0x1928 NOBU - ok
00:17:35.0504 0x1928 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
00:17:35.0505 0x1928 Npfs - ok
00:17:35.0526 0x1928 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
00:17:35.0527 0x1928 npsvctrig - ok
00:17:35.0561 0x1928 [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\WINDOWS\system32\nsisvc.dll
00:17:35.0565 0x1928 nsi - ok
00:17:35.0573 0x1928 [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
00:17:35.0575 0x1928 nsiproxy - ok
00:17:35.0696 0x1928 [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
00:17:35.0745 0x1928 Ntfs - ok
00:17:35.0758 0x1928 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys
00:17:35.0759 0x1928 Null - ok
00:17:36.0385 0x1928 [ 7F58A8A5F208557F1FF8D7F45D5811DB, D9999DAD9BBBC907C8633AD08D90E40D861E9941A74CCF3C6183C9E220FEA0E9 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
00:17:36.0632 0x1928 nvlddmkm - ok
00:17:36.0796 0x1928 [ EC4F787905DC5753C46A4C05CEBADF45, 334E7E277A6FDABD91108DC4FE0D861DE6C00616CCFDC5E2D390CDDED62AF5D5 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
00:17:36.0836 0x1928 NvNetworkService - ok
00:17:36.0862 0x1928 [ BA17213DA758C56F3834FDF01BF22B4C, E162888B50FEDF96A02DF84E0BAF3F23EA4E4F2BD231DB3ACF4C4B40A5F566A8 ] nvpciflt C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
00:17:36.0862 0x1928 nvpciflt - ok
00:17:36.0903 0x1928 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
00:17:36.0907 0x1928 nvraid - ok
00:17:36.0923 0x1928 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
00:17:36.0927 0x1928 nvstor - ok
00:17:36.0963 0x1928 [ D92F4ED189C8207D0274B8B6BB494892, 8F7656662D3F26BE51AED9B7368278B18915F98A627E70021F914016BF3E22DB ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
00:17:36.0964 0x1928 NvStreamKms - ok
00:17:36.0970 0x1928 NvStreamSvc - ok
00:17:37.0019 0x1928 [ 806069C408AE736E2182D2FF6C2FA8EE, 9C2D2309C4F4135772C53C10C7442BCA362657B062177B20C2F00DC2137E8362 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
00:17:37.0036 0x1928 nvsvc - ok
00:17:37.0093 0x1928 [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
00:17:37.0094 0x1928 nvvad_WaveExtensible - ok
00:17:37.0110 0x1928 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
00:17:37.0113 0x1928 nv_agp - ok
00:17:37.0175 0x1928 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:17:37.0178 0x1928 ose - ok
00:17:37.0236 0x1928 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
00:17:37.0254 0x1928 p2pimsvc - ok
00:17:37.0294 0x1928 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
00:17:37.0306 0x1928 p2psvc - ok
00:17:37.0329 0x1928 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys
00:17:37.0331 0x1928 Parport - ok
00:17:37.0360 0x1928 [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
00:17:37.0362 0x1928 partmgr - ok
00:17:37.0373 0x1928 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
00:17:37.0382 0x1928 PcaSvc - ok
00:17:37.0392 0x1928 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys
00:17:37.0399 0x1928 pci - ok
00:17:37.0421 0x1928 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
00:17:37.0422 0x1928 pciide - ok
00:17:37.0428 0x1928 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
00:17:37.0431 0x1928 pcmcia - ok
00:17:37.0435 0x1928 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
00:17:37.0436 0x1928 pcw - ok
00:17:37.0462 0x1928 [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
00:17:37.0464 0x1928 pdc - ok
00:17:37.0507 0x1928 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
00:17:37.0525 0x1928 PEAUTH - ok
00:17:38.0151 0x1928 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
00:17:38.0195 0x1928 PerfHost - ok
00:17:38.0275 0x1928 [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\WINDOWS\system32\pla.dll
00:17:38.0317 0x1928 pla - ok
00:17:38.0355 0x1928 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
00:17:38.0358 0x1928 PlugPlay - ok
00:17:38.0402 0x1928 [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
00:17:38.0406 0x1928 PNRPAutoReg - ok
00:17:38.0443 0x1928 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
00:17:38.0457 0x1928 PNRPsvc - ok
00:17:38.0513 0x1928 [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
00:17:38.0525 0x1928 PolicyAgent - ok
00:17:38.0543 0x1928 [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\WINDOWS\system32\umpo.dll
00:17:38.0548 0x1928 Power - ok
00:17:38.0855 0x1928 [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
00:17:38.0972 0x1928 PrintNotify - ok
00:17:39.0008 0x1928 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys
00:17:39.0010 0x1928 Processor - ok
00:17:39.0037 0x1928 [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
00:17:39.0042 0x1928 ProfSvc - ok
00:17:39.0076 0x1928 [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
00:17:39.0079 0x1928 Psched - ok
00:17:39.0117 0x1928 [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\WINDOWS\system32\qwave.dll
00:17:39.0123 0x1928 QWAVE - ok
00:17:39.0142 0x1928 [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
00:17:39.0144 0x1928 QWAVEdrv - ok
00:17:39.0178 0x1928 [ E94067155C8AA4EF134CB2528E0C9CD7, 6EEF603F64827AB138930DFE379BF8E48E64AE8AA5EE7B9E0CA369022BAAA2EA ] RadioShim C:\WINDOWS\System32\drivers\RadioShim.sys
00:17:39.0179 0x1928 RadioShim - ok
00:17:39.0205 0x1928 [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
00:17:39.0206 0x1928 RasAcd - ok
00:17:39.0241 0x1928 [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
00:17:39.0244 0x1928 RasAuto - ok
00:17:39.0271 0x1928 [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan C:\WINDOWS\System32\rasmans.dll
00:17:39.0282 0x1928 RasMan - ok
00:17:39.0311 0x1928 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
00:17:39.0313 0x1928 RasPppoe - ok
00:17:39.0432 0x1928 [ 71FF75BAE3D6E362BE3AD07E26C2D00A, 33F82F817AAAD585D47112A88BCC9DC2FB1B7AB8448EE140FA00FA520D8647A7 ] Razer Game Scanner Service C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
00:17:39.0436 0x1928 Razer Game Scanner Service - ok
00:17:39.0460 0x1928 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
00:17:39.0468 0x1928 rdbss - ok
00:17:39.0479 0x1928 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
00:17:39.0481 0x1928 rdpbus - ok
00:17:39.0516 0x1928 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
00:17:39.0519 0x1928 RDPDR - ok
00:17:39.0538 0x1928 [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
00:17:39.0539 0x1928 RdpVideoMiniport - ok
00:17:39.0554 0x1928 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
00:17:39.0559 0x1928 rdyboost - ok
00:17:39.0589 0x1928 [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
00:17:39.0623 0x1928 ReFS - ok
00:17:39.0662 0x1928 [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
00:17:39.0696 0x1928 RemoteAccess - ok
00:17:39.0733 0x1928 [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
00:17:39.0741 0x1928 RemoteRegistry - ok
00:17:39.0774 0x1928 [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
00:17:39.0783 0x1928 RFCOMM - ok
00:17:39.0800 0x1928 rjaty - ok
00:17:39.0830 0x1928 [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
00:17:39.0835 0x1928 RpcEptMapper - ok
00:17:39.0866 0x1928 [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\WINDOWS\system32\locator.exe
00:17:39.0868 0x1928 RpcLocator - ok
00:17:39.0909 0x1928 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs C:\WINDOWS\system32\rpcss.dll
00:17:39.0929 0x1928 RpcSs - ok
00:17:39.0995 0x1928 [ 92650E6BFBB2F010C331DCDF49F09310, 0C7F2608A6051F7E932C9866EFAA13B0D57DF9D4FD88A178F737384C50719EB9 ] RSPCIESTOR C:\WINDOWS\system32\DRIVERS\RtsPStor.sys
00:17:40.0007 0x1928 RSPCIESTOR - ok
00:17:40.0044 0x1928 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
00:17:40.0046 0x1928 rspndr - ok
00:17:40.0069 0x1928 [ 5160E65ABB33B77D8750BD78808FD316, D75ED07007B0A00B50BE43402B7EAA6513F6B4908B7A4A521370F616F58A09AC ] rzdaendpt C:\WINDOWS\System32\drivers\rzdaendpt.sys
00:17:40.0071 0x1928 rzdaendpt - ok
00:17:40.0099 0x1928 [ F17F84511E7DFDEEAB646F0699A006D7, 5237937841FBD1F99A5D6161DEBA26182DDAF617CA98946EE7DB0AB67FC149EA ] rzpmgrk C:\WINDOWS\system32\drivers\rzpmgrk.sys
00:17:40.0100 0x1928 rzpmgrk - ok
00:17:40.0106 0x1928 [ FEF60A37301E1F5A3020FA3487FB2CD7, 0C925468C3376458D0E1EC65E097BD1A81A03901035C0195E8F6EF904EF3F901 ] rzpnk C:\WINDOWS\system32\drivers\rzpnk.sys
00:17:40.0108 0x1928 rzpnk - ok
00:17:40.0141 0x1928 [ 77C5AB228FE307C55FEF0C575E218771, 73C9D4593DA694B2D52817F608E749296D9CC1C44906C97204595476B68AD50F ] rzudd C:\WINDOWS\System32\drivers\rzudd.sys
00:17:40.0145 0x1928 rzudd - ok
00:17:40.0166 0x1928 [ 6BD87A54B92C7D41345A079D5B5C68FF, DFC20DF473A2575AB1DFE317532F0E09B4901B6761034CE52BA13C28A608C127 ] rzvkeyboard C:\WINDOWS\System32\drivers\rzvkeyboard.sys
00:17:40.0167 0x1928 rzvkeyboard - ok
00:17:40.0193 0x1928 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
00:17:40.0194 0x1928 s3cap - ok
00:17:40.0229 0x1928 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\WINDOWS\system32\lsass.exe
00:17:40.0231 0x1928 SamSs - ok
00:17:40.0301 0x1928 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
00:17:40.0305 0x1928 sbp2port - ok
00:17:40.0339 0x1928 [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
00:17:40.0344 0x1928 SCardSvr - ok
00:17:40.0354 0x1928 [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
00:17:40.0358 0x1928 ScDeviceEnum - ok
00:17:40.0383 0x1928 [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
00:17:40.0384 0x1928 scfilter - ok
00:17:40.0449 0x1928 [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule C:\WINDOWS\system32\schedsvc.dll
00:17:40.0522 0x1928 Schedule - ok
00:17:40.0597 0x1928 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
00:17:40.0602 0x1928 SCPolicySvc - ok
00:17:40.0692 0x1928 [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
00:17:40.0699 0x1928 sdbus - ok
00:17:40.0722 0x1928 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
00:17:40.0725 0x1928 sdstor - ok
00:17:40.0749 0x1928 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
00:17:40.0750 0x1928 secdrv - ok
00:17:40.0782 0x1928 [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\WINDOWS\system32\seclogon.dll
00:17:40.0785 0x1928 seclogon - ok
00:17:40.0805 0x1928 [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\WINDOWS\System32\sens.dll
00:17:40.0808 0x1928 SENS - ok
00:17:40.0823 0x1928 [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
00:17:40.0830 0x1928 SensrSvc - ok
00:17:40.0848 0x1928 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
00:17:40.0850 0x1928 SerCx - ok
00:17:40.0868 0x1928 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
00:17:40.0872 0x1928 SerCx2 - ok
00:17:54.0079 0x1928 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated )
00:17:54.0085 0x1928 Win FW state via NFP2: enabled
00:17:56.0450 0x1928 ============================================================
00:17:56.0450 0x1928 Scan finished
00:17:56.0450 0x1928 ============================================================
00:17:56.0467 0x1920 Detected object count: 0
00:17:56.0467 0x1920 Actual detected object count: 0
00:22:03.0281 0x18a8 Deinitialize success

schrauber 27.03.2015 18:54

Here's how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.




MBAR once more, please. No detections any more now?


then continue like this:

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the newest scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. The MBAM log file can be found here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • The log file can also be found at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it by right-clicking and choosing "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.

Faru 27.03.2015 19:41

Code:

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2014.11.18.05
  rootkit: v2014.11.12.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17690
Sebi :: PC-SEBI [administrator]

26.03.2015 19:40:47
mbar-log-2015-03-26 (19-40-47).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 903
Time elapsed: 35 second(s) [aborted]

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:

# AdwCleaner v4.113 - Bericht erstellt 27/03/2015 um 19:30:01
# Aktualisiert 22/03/2015 von Xplode
# Datenbank : 2015-03-27.1 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Sebi - PC-SEBI
# Gestarted von : C:\Users\Sebi\Downloads\AdwCleaner_4.113.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Users\Sebi\AppData\Roaming\Mozilla\Firefox\Profiles\qx7gcp5k.default\invalidprefs.js

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\a3a5a2e080e121e467a75d823c0022bf
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKCU\Software\OCS

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v36.0.4 (x86 de)


*************************

AdwCleaner[R0].txt - [1747 Bytes] - [27/03/2015 19:05:13]
AdwCleaner[R1].txt - [1806 Bytes] - [27/03/2015 19:28:48]
AdwCleaner[S0].txt - [1314 Bytes] - [27/03/2015 19:30:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1373  Bytes] ##########

FRST Logfile:
Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Sebi (administrator) on PC-SEBI on 27-03-2015 19:38:46
Running from C:\Users\Sebi\Downloads
Loaded Profiles: Sebi (Available profiles: Sebi)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
() C:\Program Files (x86)\3DataManager\WTGService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
() C:\Windows\System32\igfxTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
() C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\upnpsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876304 2013-01-18] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [457616 2014-10-03] ()
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2015-01-06] (Razer Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-24] ( (Atheros Communications))
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888896 2015-03-24] (Valve Corporation)
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Run: [UPNP Service] => C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\upnpsvc.exe [902144 2015-03-25] ()
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\MountPoints2: {3ef3322e-f63a-11e2-be6c-806e6f6e6963} - "D:\SETUP.EXE"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk
ShortcutTarget: Launcher.lnk -> C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2171534533-33094092-2416115179-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2171534533-33094092-2416115179-1002 -> {6C84E0BC-9872-4A8D-8BD9-601B5D96A660} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-01-24] (Qualcomm Atheros Commnucations)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} ->  No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Sebi\AppData\Roaming\Mozilla\Firefox\Profiles\qx7gcp5k.default
FF Homepage: https://www.google.at
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll [2014-11-28] (Reto-Moto ApS)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-22] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin HKU\S-1-5-21-2171534533-33094092-2416115179-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sebi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-01-26] (Unity Technologies ApS)
FF Extension: Adblock Plus - C:\Users\Sebi\AppData\Roaming\Mozilla\Firefox\Profiles\qx7gcp5k.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-11]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-24] (Qualcomm Atheros Commnucations) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-30] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-15] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\3DataManager\WTGService.exe [343024 2012-07-05] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-24] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 rzdaendpt; C:\Windows\System32\drivers\rzdaendpt.sys [33448 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R3 rzvkeyboard; C:\Windows\System32\drivers\rzvkeyboard.sys [31912 2014-12-30] (Razer Inc)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S0 rjaty; System32\drivers\imofugc.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-27 19:38 - 2015-03-27 19:38 - 00001335 _____ () C:\Users\Sebi\Desktop\JRT.txt
2015-03-27 19:35 - 2015-03-27 19:35 - 01388782 _____ (Thisisu) C:\Users\Sebi\Downloads\JRT.exe
2015-03-27 19:28 - 2015-03-27 19:28 - 00001291 _____ () C:\Users\Sebi\Desktop\mbam.txt
2015-03-27 19:04 - 2015-03-27 19:30 - 00000000 ____D () C:\AdwCleaner
2015-03-27 19:04 - 2015-03-27 19:04 - 02168320 _____ () C:\Users\Sebi\Downloads\AdwCleaner_4.113.exe
2015-03-26 19:43 - 2015-03-26 19:44 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Sebi\Downloads\tdsskiller.exe
2015-03-26 19:40 - 2015-03-27 19:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-26 19:39 - 2015-03-26 20:09 - 00000000 ____D () C:\Users\Sebi\Desktop\mbar
2015-03-26 19:39 - 2015-03-26 19:39 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Sebi\Downloads\mbar-1.09.1.1004.exe
2015-03-26 15:06 - 2015-03-26 15:06 - 00030079 _____ () C:\Users\Sebi\Downloads\Addition.txt
2015-03-26 15:05 - 2015-03-27 19:38 - 00018468 _____ () C:\Users\Sebi\Downloads\FRST.txt
2015-03-26 15:05 - 2015-03-27 19:38 - 00000000 ____D () C:\FRST
2015-03-26 15:05 - 2015-03-26 15:05 - 02095616 _____ (Farbar) C:\Users\Sebi\Downloads\FRST64.exe
2015-03-25 20:48 - 2015-03-27 19:05 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-25 20:48 - 2015-03-27 19:04 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-25 20:48 - 2015-03-25 20:48 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-25 20:48 - 2015-03-25 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-25 20:48 - 2015-03-25 20:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-25 20:48 - 2015-03-25 20:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-25 20:48 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-03-25 20:48 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-03-25 20:45 - 2015-03-25 20:45 - 01203488 _____ () C:\Users\Sebi\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2015-03-25 18:24 - 2015-03-25 18:24 - 01203488 _____ () C:\Users\Sebi\Downloads\Paint NET - CHIP-Installer(1).exe
2015-03-25 11:35 - 2015-03-11 03:38 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-03-25 11:35 - 2015-03-10 23:08 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-03-25 11:35 - 2015-03-10 23:08 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-03-25 11:35 - 2015-03-10 23:08 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-03-25 11:35 - 2015-03-10 23:08 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-03-25 11:35 - 2015-03-10 23:08 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-03-25 11:35 - 2015-03-10 23:08 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-03-24 13:09 - 2015-03-26 20:11 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4
2015-03-24 10:15 - 2015-03-24 10:15 - 01054912 _____ (Adobe) C:\Users\Sebi\Downloads\install_flashplayer17x32au_ltr5x64d_awc_aih.exe
2015-03-24 01:29 - 2015-03-24 01:29 - 00000000 __SHD () C:\Users\Sebi\AppData\Roaming\FolderName
2015-03-24 01:22 - 2015-03-24 01:22 - 00000000 ____D () C:\Users\Sebi\AppData\Local\Skype
2015-03-24 01:21 - 2015-03-25 21:09 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\Skype
2015-03-24 01:21 - 2015-03-24 01:21 - 00002715 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-03-24 01:21 - 2015-03-24 01:21 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-24 01:21 - 2015-03-24 01:21 - 00000000 ____D () C:\ProgramData\Skype
2015-03-24 01:21 - 2015-03-24 01:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-03-24 01:20 - 2015-03-24 01:20 - 00003134 _____ () C:\WINDOWS\System32\Tasks\{99D679EF-1A1A-4D6A-8435-4AAA89B03323}
2015-03-22 01:33 - 2015-03-22 01:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-19 21:08 - 2015-03-19 21:08 - 00000000 ____D () C:\Users\Sebi\Documents\Benutzerdefinierte Office-Vorlagen
2015-03-16 19:08 - 2015-03-16 19:08 - 00000222 _____ () C:\Users\Sebi\Desktop\South Park The Stick of Truth.url
2015-03-11 11:35 - 2015-02-04 00:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-03-11 11:35 - 2015-02-04 00:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-03-11 11:35 - 2015-01-27 04:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-03-11 11:35 - 2015-01-24 02:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-03-11 11:34 - 2015-03-06 03:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-11 11:34 - 2015-03-06 03:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-11 11:34 - 2015-02-26 00:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-11 11:34 - 2015-02-20 04:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-03-11 11:34 - 2015-02-20 03:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-03-11 11:34 - 2015-02-20 03:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-03-11 11:34 - 2015-02-20 03:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-03-11 11:34 - 2015-02-07 00:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-11 11:34 - 2015-02-06 02:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-03-11 11:34 - 2015-02-06 02:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-03-11 11:34 - 2015-02-05 21:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-03-11 11:34 - 2015-02-04 00:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-03-11 11:34 - 2015-02-03 00:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-03-11 11:34 - 2015-02-03 00:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-03-11 11:34 - 2015-01-31 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-03-11 11:34 - 2015-01-31 00:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-03-11 11:34 - 2015-01-30 04:01 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-03-11 11:34 - 2015-01-30 04:00 - 00167424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2015-03-11 11:34 - 2015-01-29 02:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-03-11 11:34 - 2015-01-29 02:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-03-11 11:34 - 2015-01-29 02:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-03-11 11:34 - 2015-01-29 02:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-03-11 11:34 - 2015-01-23 08:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-03-11 11:34 - 2015-01-23 06:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-03-11 11:34 - 2014-10-29 03:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-03-11 11:34 - 2014-10-29 03:46 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2015-03-11 11:34 - 2014-10-29 03:46 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2015-03-11 11:34 - 2014-10-29 03:45 - 01198080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-03-11 11:34 - 2014-10-29 03:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-03-11 11:34 - 2014-10-29 03:44 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-03-11 11:34 - 2014-10-29 03:43 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2015-03-11 11:34 - 2014-10-29 03:34 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-03-11 11:34 - 2014-10-29 03:04 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2015-03-11 11:34 - 2014-10-29 03:04 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-03-11 11:34 - 2014-10-29 03:03 - 00241152 ____C (Microsoft Corporation) C:\WINDOWS\system32\fsquirt.exe
2015-03-11 11:34 - 2014-10-29 03:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-03-11 11:34 - 2014-10-29 03:00 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-03-11 11:34 - 2014-10-29 02:58 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2015-03-11 11:34 - 2014-10-29 02:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2015-03-11 11:34 - 2014-10-29 02:51 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-03-11 11:34 - 2014-10-29 02:45 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2015-03-11 11:34 - 2014-10-29 02:28 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2015-03-11 11:34 - 2014-10-29 02:20 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-03-11 11:34 - 2014-10-29 02:15 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2015-03-11 11:34 - 2014-10-29 01:55 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2015-03-11 11:34 - 2014-10-29 01:44 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2015-03-11 11:34 - 2014-10-29 01:41 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2015-03-11 11:34 - 2014-10-29 01:35 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2015-03-11 11:33 - 2015-02-03 01:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-03-11 11:33 - 2015-02-03 01:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-11 11:33 - 2015-01-31 00:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-03-11 11:33 - 2015-01-30 03:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-03-11 11:33 - 2015-01-30 03:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-03-11 11:33 - 2015-01-30 03:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-03-11 11:33 - 2015-01-30 02:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-03-11 11:33 - 2015-01-30 02:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-03-11 11:33 - 2015-01-30 02:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-03-11 11:33 - 2015-01-30 02:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-03-11 11:33 - 2015-01-30 02:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-03-11 11:33 - 2015-01-30 02:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-03-11 11:33 - 2015-01-30 02:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-03-11 11:33 - 2015-01-30 02:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-03-11 11:33 - 2015-01-30 02:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-03-11 11:33 - 2015-01-30 02:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-03-11 11:33 - 2015-01-29 02:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 11:33 - 2015-01-29 02:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 11:33 - 2015-01-29 01:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-03-11 11:33 - 2015-01-29 01:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-03-11 11:33 - 2015-01-29 01:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-03-11 11:33 - 2015-01-29 01:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-03-11 11:33 - 2015-01-28 16:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-11 11:33 - 2015-01-28 16:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-11 11:33 - 2015-01-28 16:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-11 11:33 - 2015-01-28 03:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-11 11:33 - 2015-01-28 02:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-03-11 11:33 - 2015-01-27 05:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-03-11 11:33 - 2015-01-27 03:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-03-11 11:33 - 2014-10-29 04:56 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2015-03-11 11:33 - 2014-10-29 03:37 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2015-03-11 11:33 - 2014-10-29 03:34 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2015-03-11 11:33 - 2014-10-29 03:34 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2015-03-11 11:33 - 2014-10-29 02:28 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2015-03-11 11:33 - 2014-10-29 02:19 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2015-03-11 11:33 - 2014-10-29 02:13 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-03-11 11:33 - 2014-10-29 01:59 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2015-03-11 11:33 - 2014-10-29 01:55 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-11 11:30 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-11 11:30 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-11 11:30 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-11 11:30 - 2015-02-21 01:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-11 11:30 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-11 11:30 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-11 11:30 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-11 11:30 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-11 11:30 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-11 11:30 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-11 11:30 - 2015-02-20 03:35 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-11 11:30 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-03-11 11:30 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-11 11:30 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-11 11:30 - 2015-02-20 03:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-11 11:30 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-11 11:30 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-11 11:30 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-11 11:30 - 2015-02-20 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-11 11:30 - 2015-02-20 02:56 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-11 11:30 - 2015-02-20 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-11 11:30 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-11 11:30 - 2015-02-20 02:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-11 11:30 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-03-11 11:30 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-11 11:30 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-11 11:30 - 2015-02-20 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-11 11:30 - 2015-02-20 02:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-11 11:30 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-11 11:30 - 2015-02-20 02:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-11 11:30 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-11 11:30 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-11 11:30 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-11 11:30 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-11 11:30 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-11 11:30 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-11 11:30 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-11 11:29 - 2015-02-12 18:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-03-11 11:29 - 2015-02-12 18:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-03-11 11:29 - 2015-01-29 19:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-11 11:29 - 2015-01-29 19:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-11 11:29 - 2014-12-11 06:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-11 11:28 - 2015-02-08 00:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-11 11:28 - 2015-02-08 00:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-11 11:28 - 2015-01-28 02:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-03-11 11:28 - 2015-01-28 02:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-03-11 11:28 - 2015-01-28 00:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-03-11 11:28 - 2015-01-28 00:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-03-11 11:28 - 2015-01-21 06:54 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-11 11:28 - 2015-01-21 06:15 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-09 22:44 - 2015-03-09 22:44 - 00004856 _____ () C:\Users\Sebi\Downloads\config_ endde83.zip
2015-02-25 11:46 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-02-25 11:46 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-02-25 11:46 - 2014-10-29 02:27 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-02-25 11:46 - 2014-10-29 02:27 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2015-02-25 11:46 - 2014-10-29 02:04 - 00868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-02-25 11:46 - 2014-10-29 02:04 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-27 19:37 - 2015-01-14 14:41 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\TS3Client
2015-03-27 19:37 - 2014-09-24 07:17 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-27 19:37 - 2014-09-24 06:43 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-03-27 19:37 - 2014-09-24 06:43 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-03-27 19:35 - 2015-01-27 09:50 - 00005128 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for Pc-Sebi-Sebi Pc-Sebi
2015-03-27 19:34 - 2015-01-27 09:50 - 00000000 __RDO () C:\Users\Sebi\OneDrive
2015-03-27 19:32 - 2015-01-07 20:04 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-27 19:31 - 2013-08-22 15:46 - 00341977 _____ () C:\WINDOWS\setupact.log
2015-03-27 19:30 - 2015-01-14 16:30 - 01581494 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-27 19:30 - 2014-09-23 22:06 - 00015254 _____ () C:\WINDOWS\PFRO.log
2015-03-27 19:30 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-27 19:30 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-27 19:18 - 2014-12-15 12:27 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-27 19:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-27 17:52 - 2015-01-28 11:43 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{708BD5AD-2F5C-4A11-8A1A-FE53B4E2038D}
2015-03-26 15:26 - 2014-12-14 15:41 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2171534533-33094092-2416115179-1002
2015-03-26 15:16 - 2015-01-22 13:39 - 00102400 ___SH () C:\Users\Sebi\Desktop\Thumbs.db
2015-03-26 12:23 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-03-25 22:40 - 2015-01-14 16:37 - 00000000 ____D () C:\Users\Sebi
2015-03-25 21:58 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\tracing
2015-03-25 21:25 - 2015-01-11 14:17 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-03-25 21:25 - 2014-09-24 08:43 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-03-25 19:16 - 2015-01-27 21:10 - 06528454 _____ () C:\Users\Sebi\Downloads\paint.net.4.0.5.install.zip
2015-03-25 13:14 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-25 12:14 - 2015-01-22 13:43 - 00000000 ____D () C:\Users\Sebi\AppData\Local\Deployment
2015-03-25 12:14 - 2014-12-14 15:35 - 00000000 ____D () C:\Users\Sebi\AppData\Local\Packages
2015-03-24 10:10 - 2014-12-14 15:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-21 16:51 - 2015-01-08 16:45 - 00000072 _____ () C:\Users\Public\LMDebug.log
2015-03-18 14:23 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-17 18:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-17 10:15 - 2013-08-22 15:44 - 00372192 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-17 10:12 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-17 10:12 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-17 10:12 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-17 10:12 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-17 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-03-17 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-17 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-17 10:08 - 2015-01-22 13:23 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-17 01:20 - 2015-01-13 01:54 - 00000000 ____D () C:\Users\Sebi\Documents\My Games
2015-03-16 19:08 - 2015-01-07 21:10 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-13 21:13 - 2015-01-08 13:00 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-13 21:10 - 2015-01-08 13:00 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-13 15:07 - 2015-01-22 13:55 - 00003092 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2171534533-33094092-2416115179-1002
2015-03-04 22:24 - 2014-09-24 08:46 - 00792032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-03-04 22:24 - 2014-09-24 08:46 - 00178144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2013-07-26 22:46 - 2013-07-26 22:46 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Sebi\AppData\Local\Temp\notepad.exe
C:\Users\Sebi\AppData\Local\Temp\Quarantine.exe
C:\Users\Sebi\AppData\Local\Temp\sqlite3.dll
C:\Users\Sebi\AppData\Local\Temp\svhost.exe
C:\Users\Sebi\AppData\Local\Temp\tmp1287.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp130F.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp1426.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp18CD.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp1C9D.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp296D.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp33FE.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp3E27.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp4F26.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp559B.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp7170.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp8229.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp8D7F.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp9105.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmpB934.tmp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-27 01:44

==================== End Of Log ============================

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.6 (03.22.2015:1)
OS: Windows 8.1 x64
Ran by Sebi on 27.03.2015 at 19:36:26,48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Sebi\AppData\Roaming\mozilla\firefox\profiles\qx7gcp5k.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.03.2015 at 19:38:16,59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 26.03.2015
Suchlauf-Zeit: 00:55:23
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.4.1018
Malware Datenbank: v2015.03.25.07
Rootkit Datenbank: v2015.02.25.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Sebi

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 382468
Verstrichene Zeit: 24 Min, 17 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 1
Heuristics.Reserved.Word.Exploit, C:\Users\Sebi\AppData\Local\Temp\svhost.exe, In Quarantäne, [08b3cb7e5337c76f69411d44f3117a86],

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)


schrauber 28.03.2015 03:33


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box next to Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any remaining problems? :)

Faru 28.03.2015 15:35

Code:

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=25c34f5fa725524082cecb317383bc1c
# engine=23127
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-28 02:21:13
# local_time=2015-03-28 03:21:13 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 972528 8942861 0 0
# scanned=245373
# found=27
# cleaned=0
# scan_time=4996
sh=E733604036E3B6E86FD74668E58E203048746E0B ft=1 fh=b726058448fbbdee vn="Variante von MSIL/Injector.IPN Trojaner" ac=I fn="C:\Users\Sebi\AppData\Local\Temp\tmp1287.tmp.exe"
sh=889D307816E30CC9FFBAEE2794F21674D36FAC30 ft=1 fh=f0bf304c91557728 vn="Variante von MSIL/Injector.IQT Trojaner" ac=I fn="C:\Users\Sebi\AppData\Local\Temp\tmp130F.tmp.exe"
sh=3009A2B7655DC6F4E5D4CDF63E4EF126B557204E ft=1 fh=e62ccb017365c528 vn="Variante von MSIL/Injector.IQT Trojaner" ac=I fn="C:\Users\Sebi\AppData\Local\Temp\tmp1426.tmp.exe"
sh=7BB468C8EDE71A8CB1D8A49236DAC46827466A21 ft=1 fh=a3f565d065d6e44b vn="Variante von MSIL/Injector.IPN Trojaner" ac=I fn="C:\Users\Sebi\AppData\Local\Temp\tmp18CD.tmp.exe"
sh=2EFD59DE2B15D879C66D2E9CD49BCE27BBCD8138 ft=1 fh=c1d4fb6b9a26dfe2 vn="Variante von MSIL/Injector.IPN Trojaner" ac=I fn="C:\Users\Sebi\AppData\Local\Temp\tmp1C9D.tmp.exe"
sh=1558564CC335E57B23D4C5203E449B3CD3C4894B ft=1 fh=404e1a1620f7676e vn="Variante von MSIL/Injector.IPN Trojaner" ac=I fn="C:\Users\Sebi\AppData\Local\Temp\tmp296D.tmp.exe"
sh=683C401E946BB8E5DC8B25F7135058CAE1BFE301 ft=1 fh=39b6037be75d7ade vn="Variante von MSIL/Injector.IRT Trojaner" ac=I fn="C:\Users\Sebi\AppData\Local\Temp\tmp33FE.tmp.exe"
sh=07EFFF4E8E108F7D9D48D2A1B3B63B447B868A34 ft=1 fh=ff32df62a84ac5a1 vn="Variante von MSIL/Injector.IQT Trojaner" ac=I fn="C:\Users\Sebi\AppData\Local\Temp\tmp3E27.tmp.exe"
sh=E1D054131BB6061FF8E3B296239F94EF17424840 ft=1 fh=a9bc4fa7183743e6 vn="Variante von MSIL/Injector.IPN Trojaner" ac=I fn="C:\Users\Sebi\AppData\Local\Temp\tmp4F26.tmp.exe"
sh=3009A2B7655DC6F4E5D4CDF63E4EF126B557204E ft=1 fh=e62ccb017365c528 vn="Variante von MSIL/Injector.IQT Trojaner" ac=I fn="C:\Users\Sebi\AppData\Local\Temp\tmp559B.tmp.exe"
sh=889D307816E30CC9FFBAEE2794F21674D36FAC30 ft=1 fh=f0bf304c91557728 vn="Variante von MSIL/Injector.IQT Trojaner" ac=I fn="C:\Users\Sebi\AppData\Local\Temp\tmp7170.tmp.exe"
sh=3009A2B7655DC6F4E5D4CDF63E4EF126B557204E ft=1 fh=e62ccb017365c528 vn="Variante von MSIL/Injector.IQT Trojaner" ac=I fn="C:\Users\Sebi\AppData\Local\Temp\tmp8229.tmp.exe"
sh=BB27E1987F5ECE427F744FCEE8257F0EF1B778E5 ft=1 fh=42cabba1a230262c vn="Variante von MSIL/Injector.IQT Trojaner" ac=I fn="C:\Users\Sebi\AppData\Local\Temp\tmp8D7F.tmp.exe"
sh=411C461A8EE9DD1095A9F5D6A3417A85D4615F70 ft=1 fh=c07ce4381c4f600b vn="Variante von MSIL/Injector.IPN Trojaner" ac=I fn="C:\Users\Sebi\AppData\Local\Temp\tmp9105.tmp.exe"
sh=47BC7E9FE949A4DDA33870F24BA409E682A39244 ft=1 fh=d60ea6bfb1b608e6 vn="Variante von MSIL/Injector.IPN Trojaner" ac=I fn="C:\Users\Sebi\AppData\Local\Temp\tmpB934.tmp.exe"
sh=47B19AB97028D8925579BED54EFEE88C8107D6B6 ft=1 fh=34f71966959b3eb8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sebi\AppData\Local\Temp\DMR\dmr_72.exe"
sh=E733604036E3B6E86FD74668E58E203048746E0B ft=1 fh=b726058448fbbdee vn="Variante von MSIL/Injector.IPN Trojaner" ac=I fn="C:\Users\Sebi\AppData\Local\Temp\Window\svhost.exe"
sh=1558564CC335E57B23D4C5203E449B3CD3C4894B ft=1 fh=404e1a1620f7676e vn="Variante von MSIL/Injector.IPN Trojaner" ac=I fn="C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\upnpsvc.exe"
sh=8D507068C29028AF285E01EF5C9A013B611F0739 ft=1 fh=5011d053f7708d88 vn="Variante von MSIL/Injector.IPN Trojaner" ac=I fn="C:\Users\Sebi\AppData\Roaming\FolderName\file.exe"
sh=8D507068C29028AF285E01EF5C9A013B611F0739 ft=1 fh=5011d053f7708d88 vn="Variante von MSIL/Injector.IPN Trojaner" ac=I fn="C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\atidrv.exe"
sh=8D507068C29028AF285E01EF5C9A013B611F0739 ft=1 fh=5011d053f7708d88 vn="Variante von MSIL/Injector.IPN Trojaner" ac=I fn="C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\Esea(1).exe"
sh=8D507068C29028AF285E01EF5C9A013B611F0739 ft=1 fh=5011d053f7708d88 vn="Variante von MSIL/Injector.IPN Trojaner" ac=I fn="C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\Esea(2).exe"
sh=889D307816E30CC9FFBAEE2794F21674D36FAC30 ft=1 fh=f0bf304c91557728 vn="Variante von MSIL/Injector.IQT Trojaner" ac=I fn="C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\ESEA.exe"
sh=72618C336491CC5771CFA8504F0BDC7AC5BED1B6 ft=1 fh=2766d1deed106adf vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sebi\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe"
sh=ACFE1154C7909A0DC5645116C5759C5AD1C12A8B ft=1 fh=c5f7c476020e0d08 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sebi\Downloads\Paint NET - CHIP-Installer(1).exe"
sh=E99FF3B133B16F984A270B1E800534CE506B74AA ft=1 fh=8937c30e40957c26 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sebi\Downloads\Paint NET - CHIP-Installer.exe"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Variante von MSIL/Injector.IPN Trojaner" ac=I fn="${Memory}"


FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Sebi (administrator) on PC-SEBI on 28-03-2015 15:24:52
Running from C:\Users\Sebi\Downloads
Loaded Profiles: Sebi (Available profiles: Sebi)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
() C:\Program Files (x86)\3DataManager\WTGService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
() C:\Windows\System32\igfxTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\upnpsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876304 2013-01-18] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [457616 2014-10-03] ()
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2015-01-06] (Razer Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-24] ( (Atheros Communications))
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888896 2015-03-24] (Valve Corporation)
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Run: [UPNP Service] => C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\upnpsvc.exe [902144 2015-03-25] ()
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\MountPoints2: {3ef3322e-f63a-11e2-be6c-806e6f6e6963} - "D:\SETUP.EXE"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk
ShortcutTarget: Launcher.lnk -> C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2171534533-33094092-2416115179-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2171534533-33094092-2416115179-1002 -> {6C84E0BC-9872-4A8D-8BD9-601B5D96A660} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-01-24] (Qualcomm Atheros Commnucations)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} ->  No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Sebi\AppData\Roaming\Mozilla\Firefox\Profiles\qx7gcp5k.default
FF Homepage: https://www.google.at
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll [2014-11-28] (Reto-Moto ApS)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-22] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin HKU\S-1-5-21-2171534533-33094092-2416115179-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sebi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-01-26] (Unity Technologies ApS)
FF Extension: Adblock Plus - C:\Users\Sebi\AppData\Roaming\Mozilla\Firefox\Profiles\qx7gcp5k.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-11]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-24] (Qualcomm Atheros Commnucations) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-30] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-15] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\3DataManager\WTGService.exe [343024 2012-07-05] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-24] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 rzdaendpt; C:\Windows\System32\drivers\rzdaendpt.sys [33448 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R3 rzvkeyboard; C:\Windows\System32\drivers\rzvkeyboard.sys [31912 2014-12-30] (Razer Inc)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S0 rjaty; System32\drivers\imofugc.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-28 13:57 - 2015-03-28 13:57 - 00852604 _____ () C:\Users\Sebi\Downloads\SecurityCheck.exe
2015-03-28 13:55 - 2015-03-28 13:55 - 02347384 _____ (ESET) C:\Users\Sebi\Downloads\esetsmartinstaller_deu.exe
2015-03-28 13:55 - 2015-03-28 13:55 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-03-27 19:38 - 2015-03-27 19:38 - 00001335 _____ () C:\Users\Sebi\Desktop\JRT.txt
2015-03-27 19:35 - 2015-03-27 19:35 - 01388782 _____ (Thisisu) C:\Users\Sebi\Downloads\JRT.exe
2015-03-27 19:28 - 2015-03-27 19:28 - 00001291 _____ () C:\Users\Sebi\Desktop\mbam.txt
2015-03-27 19:04 - 2015-03-27 19:30 - 00000000 ____D () C:\AdwCleaner
2015-03-27 19:04 - 2015-03-27 19:04 - 02168320 _____ () C:\Users\Sebi\Downloads\AdwCleaner_4.113.exe
2015-03-26 19:43 - 2015-03-26 19:44 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Sebi\Downloads\tdsskiller.exe
2015-03-26 19:40 - 2015-03-27 19:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-26 19:39 - 2015-03-26 20:09 - 00000000 ____D () C:\Users\Sebi\Desktop\mbar
2015-03-26 19:39 - 2015-03-26 19:39 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Sebi\Downloads\mbar-1.09.1.1004.exe
2015-03-26 15:06 - 2015-03-26 15:06 - 00030079 _____ () C:\Users\Sebi\Downloads\Addition.txt
2015-03-26 15:05 - 2015-03-28 15:24 - 00018544 _____ () C:\Users\Sebi\Downloads\FRST.txt
2015-03-26 15:05 - 2015-03-28 15:24 - 00000000 ____D () C:\FRST
2015-03-26 15:05 - 2015-03-26 15:05 - 02095616 _____ (Farbar) C:\Users\Sebi\Downloads\FRST64.exe
2015-03-25 20:48 - 2015-03-27 19:05 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-25 20:48 - 2015-03-27 19:04 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-25 20:48 - 2015-03-25 20:48 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-25 20:48 - 2015-03-25 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-25 20:48 - 2015-03-25 20:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-25 20:48 - 2015-03-25 20:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-25 20:48 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-03-25 20:48 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-03-25 20:45 - 2015-03-25 20:45 - 01203488 _____ () C:\Users\Sebi\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2015-03-25 18:24 - 2015-03-25 18:24 - 01203488 _____ () C:\Users\Sebi\Downloads\Paint NET - CHIP-Installer(1).exe
2015-03-25 11:35 - 2015-03-11 03:38 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-03-25 11:35 - 2015-03-10 23:08 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-03-25 11:35 - 2015-03-10 23:08 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-03-25 11:35 - 2015-03-10 23:08 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-03-25 11:35 - 2015-03-10 23:08 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-03-25 11:35 - 2015-03-10 23:08 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-03-25 11:35 - 2015-03-10 23:08 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-03-24 13:09 - 2015-03-26 20:11 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4
2015-03-24 10:15 - 2015-03-24 10:15 - 01054912 _____ (Adobe) C:\Users\Sebi\Downloads\install_flashplayer17x32au_ltr5x64d_awc_aih.exe
2015-03-24 01:29 - 2015-03-24 01:29 - 00000000 __SHD () C:\Users\Sebi\AppData\Roaming\FolderName
2015-03-24 01:22 - 2015-03-24 01:22 - 00000000 ____D () C:\Users\Sebi\AppData\Local\Skype
2015-03-24 01:21 - 2015-03-25 21:09 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\Skype
2015-03-24 01:21 - 2015-03-24 01:21 - 00002715 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-03-24 01:21 - 2015-03-24 01:21 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-24 01:21 - 2015-03-24 01:21 - 00000000 ____D () C:\ProgramData\Skype
2015-03-24 01:21 - 2015-03-24 01:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-03-24 01:20 - 2015-03-24 01:20 - 00003134 _____ () C:\WINDOWS\System32\Tasks\{99D679EF-1A1A-4D6A-8435-4AAA89B03323}
2015-03-22 01:33 - 2015-03-22 01:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-19 21:08 - 2015-03-19 21:08 - 00000000 ____D () C:\Users\Sebi\Documents\Benutzerdefinierte Office-Vorlagen
2015-03-16 19:08 - 2015-03-16 19:08 - 00000222 _____ () C:\Users\Sebi\Desktop\South Park The Stick of Truth.url
2015-03-11 11:35 - 2015-02-04 00:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-03-11 11:35 - 2015-02-04 00:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-03-11 11:35 - 2015-01-27 04:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-03-11 11:35 - 2015-01-24 02:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-03-11 11:34 - 2015-03-06 03:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-11 11:34 - 2015-03-06 03:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-11 11:34 - 2015-02-26 00:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-11 11:34 - 2015-02-20 04:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-03-11 11:34 - 2015-02-20 03:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-03-11 11:34 - 2015-02-20 03:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-03-11 11:34 - 2015-02-20 03:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-03-11 11:34 - 2015-02-07 00:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-11 11:34 - 2015-02-06 02:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-03-11 11:34 - 2015-02-06 02:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-03-11 11:34 - 2015-02-05 21:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-03-11 11:34 - 2015-02-04 00:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-03-11 11:34 - 2015-02-03 00:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-03-11 11:34 - 2015-02-03 00:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-03-11 11:34 - 2015-01-31 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-03-11 11:34 - 2015-01-31 00:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-03-11 11:34 - 2015-01-30 04:01 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-03-11 11:34 - 2015-01-30 04:00 - 00167424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2015-03-11 11:34 - 2015-01-29 02:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-03-11 11:34 - 2015-01-29 02:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-03-11 11:34 - 2015-01-29 02:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-03-11 11:34 - 2015-01-29 02:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-03-11 11:34 - 2015-01-23 08:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-03-11 11:34 - 2015-01-23 06:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-03-11 11:34 - 2014-10-29 03:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-03-11 11:34 - 2014-10-29 03:46 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2015-03-11 11:34 - 2014-10-29 03:46 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2015-03-11 11:34 - 2014-10-29 03:45 - 01198080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-03-11 11:34 - 2014-10-29 03:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-03-11 11:34 - 2014-10-29 03:44 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-03-11 11:34 - 2014-10-29 03:43 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2015-03-11 11:34 - 2014-10-29 03:34 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-03-11 11:34 - 2014-10-29 03:04 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2015-03-11 11:34 - 2014-10-29 03:04 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-03-11 11:34 - 2014-10-29 03:03 - 00241152 ____C (Microsoft Corporation) C:\WINDOWS\system32\fsquirt.exe
2015-03-11 11:34 - 2014-10-29 03:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-03-11 11:34 - 2014-10-29 03:00 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-03-11 11:34 - 2014-10-29 02:58 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2015-03-11 11:34 - 2014-10-29 02:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2015-03-11 11:34 - 2014-10-29 02:51 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-03-11 11:34 - 2014-10-29 02:45 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2015-03-11 11:34 - 2014-10-29 02:28 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2015-03-11 11:34 - 2014-10-29 02:20 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-03-11 11:34 - 2014-10-29 02:15 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2015-03-11 11:34 - 2014-10-29 01:55 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2015-03-11 11:34 - 2014-10-29 01:44 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2015-03-11 11:34 - 2014-10-29 01:41 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2015-03-11 11:34 - 2014-10-29 01:35 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2015-03-11 11:33 - 2015-02-03 01:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-03-11 11:33 - 2015-02-03 01:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-11 11:33 - 2015-01-31 00:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-03-11 11:33 - 2015-01-30 03:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-03-11 11:33 - 2015-01-30 03:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-03-11 11:33 - 2015-01-30 03:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-03-11 11:33 - 2015-01-30 02:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-03-11 11:33 - 2015-01-30 02:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-03-11 11:33 - 2015-01-30 02:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-03-11 11:33 - 2015-01-30 02:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-03-11 11:33 - 2015-01-30 02:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-03-11 11:33 - 2015-01-30 02:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-03-11 11:33 - 2015-01-30 02:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-03-11 11:33 - 2015-01-30 02:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-03-11 11:33 - 2015-01-30 02:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-03-11 11:33 - 2015-01-30 02:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-03-11 11:33 - 2015-01-29 02:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 11:33 - 2015-01-29 02:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 11:33 - 2015-01-29 01:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-03-11 11:33 - 2015-01-29 01:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-03-11 11:33 - 2015-01-29 01:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-03-11 11:33 - 2015-01-29 01:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-03-11 11:33 - 2015-01-28 16:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-11 11:33 - 2015-01-28 16:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-11 11:33 - 2015-01-28 16:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-11 11:33 - 2015-01-28 03:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-11 11:33 - 2015-01-28 02:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-03-11 11:33 - 2015-01-27 05:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-03-11 11:33 - 2015-01-27 03:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-03-11 11:33 - 2014-10-29 04:56 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2015-03-11 11:33 - 2014-10-29 03:37 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2015-03-11 11:33 - 2014-10-29 03:34 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2015-03-11 11:33 - 2014-10-29 03:34 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2015-03-11 11:33 - 2014-10-29 02:28 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2015-03-11 11:33 - 2014-10-29 02:19 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2015-03-11 11:33 - 2014-10-29 02:13 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-03-11 11:33 - 2014-10-29 01:59 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2015-03-11 11:33 - 2014-10-29 01:55 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-11 11:30 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-11 11:30 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-11 11:30 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-11 11:30 - 2015-02-21 01:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-11 11:30 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-11 11:30 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-11 11:30 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-11 11:30 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-11 11:30 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-11 11:30 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-11 11:30 - 2015-02-20 03:35 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-11 11:30 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-03-11 11:30 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-11 11:30 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-11 11:30 - 2015-02-20 03:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-11 11:30 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-11 11:30 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-11 11:30 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-11 11:30 - 2015-02-20 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-11 11:30 - 2015-02-20 02:56 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-11 11:30 - 2015-02-20 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-11 11:30 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-11 11:30 - 2015-02-20 02:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-11 11:30 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-03-11 11:30 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-11 11:30 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-11 11:30 - 2015-02-20 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-11 11:30 - 2015-02-20 02:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-11 11:30 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-11 11:30 - 2015-02-20 02:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-11 11:30 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-11 11:30 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-11 11:30 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-11 11:30 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-11 11:30 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-11 11:30 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-11 11:30 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-11 11:29 - 2015-02-12 18:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-03-11 11:29 - 2015-02-12 18:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-03-11 11:29 - 2015-01-29 19:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-11 11:29 - 2015-01-29 19:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-11 11:29 - 2014-12-11 06:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-11 11:28 - 2015-02-08 00:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-11 11:28 - 2015-02-08 00:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-11 11:28 - 2015-01-28 02:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-03-11 11:28 - 2015-01-28 02:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-03-11 11:28 - 2015-01-28 00:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-03-11 11:28 - 2015-01-28 00:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-03-11 11:28 - 2015-01-21 06:54 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-11 11:28 - 2015-01-21 06:15 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-09 22:44 - 2015-03-09 22:44 - 00004856 _____ () C:\Users\Sebi\Downloads\config_ endde83.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-28 15:18 - 2014-12-15 12:27 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-28 15:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-28 14:12 - 2015-01-14 16:30 - 01693319 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-28 13:56 - 2015-01-28 11:43 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{708BD5AD-2F5C-4A11-8A1A-FE53B4E2038D}
2015-03-28 13:54 - 2015-01-07 20:04 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-28 02:30 - 2015-01-14 14:41 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\TS3Client
2015-03-27 22:01 - 2014-12-14 15:41 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2171534533-33094092-2416115179-1002
2015-03-27 20:41 - 2015-01-27 09:50 - 00005128 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for Pc-Sebi-Sebi Pc-Sebi
2015-03-27 19:37 - 2014-09-24 07:17 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-27 19:37 - 2014-09-24 06:43 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-03-27 19:37 - 2014-09-24 06:43 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-03-27 19:34 - 2015-01-27 09:50 - 00000000 ___DO () C:\Users\Sebi\OneDrive
2015-03-27 19:31 - 2013-08-22 15:46 - 00341977 _____ () C:\WINDOWS\setupact.log
2015-03-27 19:30 - 2014-09-23 22:06 - 00015254 _____ () C:\WINDOWS\PFRO.log
2015-03-27 19:30 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-27 19:30 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-26 15:16 - 2015-01-22 13:39 - 00102400 ___SH () C:\Users\Sebi\Desktop\Thumbs.db
2015-03-26 12:23 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-03-25 22:40 - 2015-01-14 16:37 - 00000000 ____D () C:\Users\Sebi
2015-03-25 21:58 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\tracing
2015-03-25 21:25 - 2015-01-11 14:17 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-03-25 21:25 - 2014-09-24 08:43 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-03-25 19:16 - 2015-01-27 21:10 - 06528454 _____ () C:\Users\Sebi\Downloads\paint.net.4.0.5.install.zip
2015-03-25 13:14 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-25 12:14 - 2015-01-22 13:43 - 00000000 ____D () C:\Users\Sebi\AppData\Local\Deployment
2015-03-25 12:14 - 2014-12-14 15:35 - 00000000 ____D () C:\Users\Sebi\AppData\Local\Packages
2015-03-24 10:10 - 2014-12-14 15:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-21 16:51 - 2015-01-08 16:45 - 00000072 _____ () C:\Users\Public\LMDebug.log
2015-03-18 14:23 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-17 18:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-17 10:15 - 2013-08-22 15:44 - 00372192 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-17 10:12 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-17 10:12 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-17 10:12 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-17 10:12 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-17 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-03-17 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-17 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-17 10:08 - 2015-01-22 13:23 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-17 01:20 - 2015-01-13 01:54 - 00000000 ____D () C:\Users\Sebi\Documents\My Games
2015-03-16 19:08 - 2015-01-07 21:10 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-13 21:13 - 2015-01-08 13:00 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-13 21:10 - 2015-01-08 13:00 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-13 15:07 - 2015-01-22 13:55 - 00003092 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2171534533-33094092-2416115179-1002
2015-03-04 22:24 - 2014-09-24 08:46 - 00792032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-03-04 22:24 - 2014-09-24 08:46 - 00178144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2013-07-26 22:46 - 2013-07-26 22:46 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Sebi\AppData\Local\Temp\notepad.exe
C:\Users\Sebi\AppData\Local\Temp\Quarantine.exe
C:\Users\Sebi\AppData\Local\Temp\sqlite3.dll
C:\Users\Sebi\AppData\Local\Temp\svhost.exe
C:\Users\Sebi\AppData\Local\Temp\tmp1287.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp130F.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp1426.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp18CD.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp1C9D.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp296D.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp33FE.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp3E27.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp4F26.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp559B.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp7170.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp8229.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp8D7F.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmp9105.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmpB934.tmp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-27 20:11

==================== End Of Log ============================

--- --- ---


Code:

Results of screen317's Security Check version 0.99.97 
  x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Windows Defender 
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 31 
 Java version 32-bit out of Date!
  Java 64-bit 8 Update 31 
 Adobe Flash Player        16.0.0.305 
 Mozilla Firefox (36.0.4)
````````Process Check: objlist.exe by Laurent```````` 
 Symantec Norton Online Backup NOBuClient.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````

So ESET still found 27 infected files :(

schrauber 28.03.2015 22:04

Update Java.

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:

Code:

C:\Users\Sebi\AppData\Local\Temp\tmp1287.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp130F.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp1426.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp18CD.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp1C9D.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp296D.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp33FE.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp3E27.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp4F26.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp559B.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp7170.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp8229.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp8D7F.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp9105.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmpB934.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\DMR\dmr_72.exe

C:\Users\Sebi\AppData\Local\Temp\Window\svhost.exe

C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\upnpsvc.exe

C:\Users\Sebi\AppData\Roaming\FolderName\file.exe

C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\atidrv.exe

C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\Esea(1).exe

C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\Esea(2).exe

C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\ESEA.exe

C:\Users\Sebi\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe

C:\Users\Sebi\Downloads\Paint NET - CHIP-Installer(1).exe

C:\Users\Sebi\Downloads\Paint NET - CHIP-Installer.exe
S0 rjaty; System32\drivers\imofugc.sys [X]
C:\ProgramData\DP45977C.lfl
Emptytemp:


Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.

Open FRST, tick the Addition box and scan; please post both logs.

Faru 29.03.2015 12:31

Hey Schrauber, I tried it on the desktop and in all folders and subfolders, but FRST doesn't find the file ???

schrauber 29.03.2015 16:37

You should simply have used the folder where FRST.exe is located, since you didn't put it where the instructions say ;).

Your Downloads folder :)

Faru 29.03.2015 17:04

Code:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Sebi at 2015-03-29 17:58:44 Run:1
Running from C:\Users\Sebi\Downloads
Loaded Profiles: Sebi (Available profiles: Sebi)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\Sebi\AppData\Local\Temp\tmp1287.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp130F.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp1426.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp18CD.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp1C9D.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp296D.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp33FE.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp3E27.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp4F26.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp559B.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp7170.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp8229.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp8D7F.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp9105.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmpB934.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\DMR\dmr_72.exe

C:\Users\Sebi\AppData\Local\Temp\Window\svhost.exe

C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\upnpsvc.exe

C:\Users\Sebi\AppData\Roaming\FolderName\file.exe

C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\atidrv.exe

C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\Esea(1).exe

C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\Esea(2).exe

C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\ESEA.exe

C:\Users\Sebi\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe

C:\Users\Sebi\Downloads\Paint NET - CHIP-Installer(1).exe

C:\Users\Sebi\Downloads\Paint NET - CHIP-Installer.exe
S0 rjaty; System32\drivers\imofugc.sys [X]
C:\ProgramData\DP45977C.lfl
Emptytemp:
*****************

C:\Users\Sebi\AppData\Local\Temp\tmp1287.tmp.exe => Moved successfully.
C:\Users\Sebi\AppData\Local\Temp\tmp130F.tmp.exe => Moved successfully.
C:\Users\Sebi\AppData\Local\Temp\tmp1426.tmp.exe => Moved successfully.
C:\Users\Sebi\AppData\Local\Temp\tmp18CD.tmp.exe => Moved successfully.
C:\Users\Sebi\AppData\Local\Temp\tmp1C9D.tmp.exe => Moved successfully.
C:\Users\Sebi\AppData\Local\Temp\tmp296D.tmp.exe => Moved successfully.
C:\Users\Sebi\AppData\Local\Temp\tmp33FE.tmp.exe => Moved successfully.
C:\Users\Sebi\AppData\Local\Temp\tmp3E27.tmp.exe => Moved successfully.
C:\Users\Sebi\AppData\Local\Temp\tmp4F26.tmp.exe => Moved successfully.
C:\Users\Sebi\AppData\Local\Temp\tmp559B.tmp.exe => Moved successfully.
C:\Users\Sebi\AppData\Local\Temp\tmp7170.tmp.exe => Moved successfully.
C:\Users\Sebi\AppData\Local\Temp\tmp8229.tmp.exe => Moved successfully.
C:\Users\Sebi\AppData\Local\Temp\tmp8D7F.tmp.exe => Moved successfully.
C:\Users\Sebi\AppData\Local\Temp\tmp9105.tmp.exe => Moved successfully.
C:\Users\Sebi\AppData\Local\Temp\tmpB934.tmp.exe => Moved successfully.
C:\Users\Sebi\AppData\Local\Temp\DMR\dmr_72.exe => Moved successfully.
C:\Users\Sebi\AppData\Local\Temp\Window\svhost.exe => Moved successfully.
C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\upnpsvc.exe => Moved successfully.
C:\Users\Sebi\AppData\Roaming\FolderName\file.exe => Moved successfully.
C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\atidrv.exe => Moved successfully.
C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\Esea(1).exe => Moved successfully.
C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\Esea(2).exe => Moved successfully.
C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\ESEA.exe => Moved successfully.
C:\Users\Sebi\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe => Moved successfully.
C:\Users\Sebi\Downloads\Paint NET - CHIP-Installer(1).exe => Moved successfully.
C:\Users\Sebi\Downloads\Paint NET - CHIP-Installer.exe => Moved successfully.
rjaty => Service deleted successfully.
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-03-29 18:00:52)<=

==> ATTENTION: System is not rebooted.
"C:\ProgramData\DP45977C.lfl" => File could not move.

==== End of Fixlog 18:00:52 ====


FRST Logfile:
Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Sebi (administrator) on PC-SEBI on 29-03-2015 18:02:12
Running from C:\Users\Sebi\Downloads
Loaded Profiles: Sebi (Available profiles: Sebi)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
() C:\Program Files (x86)\3DataManager\WTGService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
() C:\Windows\System32\igfxTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\FRST\Quarantine\C\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\upnpsvc.exe.xBAD
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876304 2013-01-18] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [457616 2014-10-03] ()
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2015-01-06] (Razer Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] ( (Atheros Communications))
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888896 2015-03-24] (Valve Corporation)
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Run: [UPNP Service] => C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\upnpsvc.exe
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\MountPoints2: {3ef3322e-f63a-11e2-be6c-806e6f6e6963} - "D:\SETUP.EXE"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk
ShortcutTarget: Launcher.lnk -> C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2171534533-33094092-2416115179-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2171534533-33094092-2416115179-1002 -> {6C84E0BC-9872-4A8D-8BD9-601B5D96A660} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-01-25] (Qualcomm Atheros Commnucations)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} ->  No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Sebi\AppData\Roaming\Mozilla\Firefox\Profiles\qx7gcp5k.default
FF Homepage: https://www.google.at
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll [2014-11-28] (Reto-Moto ApS)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-22] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin HKU\S-1-5-21-2171534533-33094092-2416115179-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sebi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-01-26] (Unity Technologies ApS)
FF Extension: Adblock Plus - C:\Users\Sebi\AppData\Roaming\Mozilla\Firefox\Profiles\qx7gcp5k.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-11]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-30] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-15] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\3DataManager\WTGService.exe [343024 2012-07-05] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-24] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 rzdaendpt; C:\Windows\System32\drivers\rzdaendpt.sys [33448 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2014-12-10] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R3 rzvkeyboard; C:\Windows\System32\drivers\rzvkeyboard.sys [31912 2014-12-30] (Razer Inc)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R4 ccSet_NARA; \SystemRoot\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-29 13:23 - 2015-03-29 13:23 - 00001619 _____ () C:\Users\Sebi\Downloads\Fixlist.txt
2015-03-28 14:57 - 2015-03-28 14:57 - 00852604 _____ () C:\Users\Sebi\Downloads\SecurityCheck.exe
2015-03-28 14:55 - 2015-03-28 14:55 - 02347384 _____ (ESET) C:\Users\Sebi\Downloads\esetsmartinstaller_deu.exe
2015-03-28 14:55 - 2015-03-28 14:55 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-03-27 20:38 - 2015-03-27 20:38 - 00001335 _____ () C:\Users\Sebi\Desktop\JRT.txt
2015-03-27 20:35 - 2015-03-27 20:35 - 01388782 _____ (Thisisu) C:\Users\Sebi\Downloads\JRT.exe
2015-03-27 20:28 - 2015-03-27 20:28 - 00001291 _____ () C:\Users\Sebi\Desktop\mbam.txt
2015-03-27 20:04 - 2015-03-27 20:30 - 00000000 ____D () C:\AdwCleaner
2015-03-27 20:04 - 2015-03-27 20:04 - 02168320 _____ () C:\Users\Sebi\Downloads\AdwCleaner_4.113.exe
2015-03-26 20:43 - 2015-03-26 20:44 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Sebi\Downloads\tdsskiller.exe
2015-03-26 20:40 - 2015-03-27 20:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-26 20:39 - 2015-03-26 21:09 - 00000000 ____D () C:\Users\Sebi\Desktop\mbar
2015-03-26 20:39 - 2015-03-26 20:39 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Sebi\Downloads\mbar-1.09.1.1004.exe
2015-03-26 16:06 - 2015-03-26 16:06 - 00030079 _____ () C:\Users\Sebi\Downloads\Addition.txt
2015-03-26 16:05 - 2015-03-29 18:02 - 00017978 _____ () C:\Users\Sebi\Downloads\FRST.txt
2015-03-26 16:05 - 2015-03-29 18:02 - 00000000 ____D () C:\FRST
2015-03-26 16:05 - 2015-03-26 16:05 - 02095616 _____ (Farbar) C:\Users\Sebi\Downloads\FRST64.exe
2015-03-25 21:48 - 2015-03-27 20:05 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-25 21:48 - 2015-03-27 20:04 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-25 21:48 - 2015-03-25 21:48 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-25 21:48 - 2015-03-25 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-25 21:48 - 2015-03-25 21:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-25 21:48 - 2015-03-25 21:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-25 21:48 - 2015-03-17 07:15 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-03-25 21:48 - 2015-03-17 07:15 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-03-25 12:35 - 2015-03-11 04:38 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-03-24 14:09 - 2015-03-26 21:11 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4
2015-03-24 11:15 - 2015-03-24 11:15 - 01054912 _____ (Adobe) C:\Users\Sebi\Downloads\install_flashplayer17x32au_ltr5x64d_awc_aih.exe
2015-03-24 02:29 - 2015-03-29 17:59 - 00000000 __SHD () C:\Users\Sebi\AppData\Roaming\FolderName
2015-03-24 02:22 - 2015-03-24 02:22 - 00000000 ____D () C:\Users\Sebi\AppData\Local\Skype
2015-03-24 02:21 - 2015-03-28 16:32 - 00000000 ____D () C:\ProgramData\Skype
2015-03-24 02:21 - 2015-03-25 22:09 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\Skype
2015-03-24 02:20 - 2015-03-24 02:20 - 00003134 _____ () C:\WINDOWS\System32\Tasks\{99D679EF-1A1A-4D6A-8435-4AAA89B03323}
2015-03-22 02:33 - 2015-03-22 02:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-19 22:08 - 2015-03-19 22:08 - 00000000 ____D () C:\Users\Sebi\Documents\Benutzerdefinierte Office-Vorlagen
2015-03-16 20:08 - 2015-03-16 20:08 - 00000222 _____ () C:\Users\Sebi\Desktop\South Park The Stick of Truth.url
2015-03-11 12:35 - 2015-02-04 01:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-03-11 12:35 - 2015-02-04 01:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-03-11 12:35 - 2015-01-27 05:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-03-11 12:35 - 2015-01-24 03:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-03-11 12:34 - 2015-03-06 04:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-11 12:34 - 2015-03-06 04:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-11 12:34 - 2015-02-26 01:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-11 12:34 - 2015-02-20 05:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-03-11 12:34 - 2015-02-20 04:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-03-11 12:34 - 2015-02-20 04:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-03-11 12:34 - 2015-02-20 04:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-03-11 12:34 - 2015-02-07 01:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-11 12:34 - 2015-02-06 03:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-03-11 12:34 - 2015-02-06 03:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-03-11 12:34 - 2015-02-05 22:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-03-11 12:34 - 2015-02-04 01:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-03-11 12:34 - 2015-02-03 01:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-03-11 12:34 - 2015-02-03 01:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-03-11 12:34 - 2015-01-31 01:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-03-11 12:34 - 2015-01-31 01:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-03-11 12:34 - 2015-01-30 05:01 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-03-11 12:34 - 2015-01-30 05:00 - 00167424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2015-03-11 12:34 - 2015-01-29 03:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-03-11 12:34 - 2015-01-29 03:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-03-11 12:34 - 2015-01-29 03:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-03-11 12:34 - 2015-01-29 03:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-03-11 12:34 - 2015-01-23 09:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-03-11 12:34 - 2015-01-23 07:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-03-11 12:34 - 2014-10-29 04:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-03-11 12:34 - 2014-10-29 04:46 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2015-03-11 12:34 - 2014-10-29 04:46 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2015-03-11 12:34 - 2014-10-29 04:45 - 01198080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-03-11 12:34 - 2014-10-29 04:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-03-11 12:34 - 2014-10-29 04:44 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-03-11 12:34 - 2014-10-29 04:43 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2015-03-11 12:34 - 2014-10-29 04:34 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-03-11 12:34 - 2014-10-29 04:04 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2015-03-11 12:34 - 2014-10-29 04:04 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-03-11 12:34 - 2014-10-29 04:03 - 00241152 ____C (Microsoft Corporation) C:\WINDOWS\system32\fsquirt.exe
2015-03-11 12:34 - 2014-10-29 04:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-03-11 12:34 - 2014-10-29 04:00 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-03-11 12:34 - 2014-10-29 03:58 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2015-03-11 12:34 - 2014-10-29 03:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2015-03-11 12:34 - 2014-10-29 03:51 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-03-11 12:34 - 2014-10-29 03:45 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2015-03-11 12:34 - 2014-10-29 03:28 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2015-03-11 12:34 - 2014-10-29 03:20 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-03-11 12:34 - 2014-10-29 03:15 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2015-03-11 12:34 - 2014-10-29 02:55 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2015-03-11 12:34 - 2014-10-29 02:44 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2015-03-11 12:34 - 2014-10-29 02:41 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2015-03-11 12:34 - 2014-10-29 02:35 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2015-03-11 12:33 - 2015-02-03 02:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-03-11 12:33 - 2015-02-03 02:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-11 12:33 - 2015-01-31 01:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-03-11 12:33 - 2015-01-30 04:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-03-11 12:33 - 2015-01-30 04:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-03-11 12:33 - 2015-01-30 04:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-03-11 12:33 - 2015-01-30 03:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-03-11 12:33 - 2015-01-30 03:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-03-11 12:33 - 2015-01-30 03:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-03-11 12:33 - 2015-01-30 03:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-03-11 12:33 - 2015-01-30 03:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-03-11 12:33 - 2015-01-30 03:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-03-11 12:33 - 2015-01-30 03:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-03-11 12:33 - 2015-01-30 03:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-03-11 12:33 - 2015-01-30 03:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-03-11 12:33 - 2015-01-30 03:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-03-11 12:33 - 2015-01-29 03:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 12:33 - 2015-01-29 03:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 12:33 - 2015-01-29 02:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-03-11 12:33 - 2015-01-29 02:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-03-11 12:33 - 2015-01-29 02:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-03-11 12:33 - 2015-01-29 02:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-03-11 12:33 - 2015-01-28 17:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-11 12:33 - 2015-01-28 17:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-11 12:33 - 2015-01-28 17:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-11 12:33 - 2015-01-28 04:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-11 12:33 - 2015-01-28 03:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-03-11 12:33 - 2015-01-27 06:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-03-11 12:33 - 2015-01-27 04:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-03-11 12:33 - 2014-10-29 05:56 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2015-03-11 12:33 - 2014-10-29 04:37 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2015-03-11 12:33 - 2014-10-29 04:34 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2015-03-11 12:33 - 2014-10-29 04:34 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2015-03-11 12:33 - 2014-10-29 03:28 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2015-03-11 12:33 - 2014-10-29 03:19 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2015-03-11 12:33 - 2014-10-29 03:13 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-03-11 12:33 - 2014-10-29 02:59 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2015-03-11 12:33 - 2014-10-29 02:55 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-11 12:30 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-11 12:30 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-11 12:30 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-11 12:30 - 2015-02-21 02:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-11 12:30 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-11 12:30 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-11 12:30 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-11 12:30 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-11 12:30 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-11 12:30 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-11 12:30 - 2015-02-20 04:35 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-11 12:30 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-03-11 12:30 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-11 12:30 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-11 12:30 - 2015-02-20 04:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-11 12:30 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-11 12:30 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-11 12:30 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-11 12:30 - 2015-02-20 03:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-11 12:30 - 2015-02-20 03:56 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-11 12:30 - 2015-02-20 03:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-11 12:30 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-11 12:30 - 2015-02-20 03:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-11 12:30 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-03-11 12:30 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-11 12:30 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-11 12:30 - 2015-02-20 03:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-11 12:30 - 2015-02-20 03:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-11 12:30 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-11 12:30 - 2015-02-20 03:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-11 12:30 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-11 12:30 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-11 12:30 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-11 12:30 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-11 12:30 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-11 12:30 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-11 12:30 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-11 12:29 - 2015-02-12 19:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-03-11 12:29 - 2015-02-12 19:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-03-11 12:29 - 2015-01-29 20:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-11 12:29 - 2015-01-29 20:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-11 12:29 - 2014-12-11 07:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-11 12:28 - 2015-02-08 01:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-11 12:28 - 2015-02-08 01:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-11 12:28 - 2015-01-28 03:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-03-11 12:28 - 2015-01-28 03:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-03-11 12:28 - 2015-01-28 01:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-03-11 12:28 - 2015-01-28 01:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-03-11 12:28 - 2015-01-21 07:54 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-11 12:28 - 2015-01-21 07:15 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-09 23:44 - 2015-03-09 23:44 - 00004856 _____ () C:\Users\Sebi\Downloads\config_ endde83.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-29 18:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-29 17:46 - 2015-01-14 15:41 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\TS3Client
2015-03-29 17:18 - 2014-12-15 13:27 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-29 17:02 - 2014-12-14 16:41 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2171534533-33094092-2416115179-1002
2015-03-29 16:54 - 2015-01-07 21:04 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-29 16:52 - 2015-01-14 17:30 - 01910390 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-29 13:30 - 2015-01-22 14:39 - 00114176 ___SH () C:\Users\Sebi\Desktop\Thumbs.db
2015-03-29 12:19 - 2015-01-27 10:50 - 00005126 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for Pc-Sebi-Sebi Pc-Sebi
2015-03-29 12:02 - 2015-01-28 12:43 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{708BD5AD-2F5C-4A11-8A1A-FE53B4E2038D}
2015-03-27 20:37 - 2014-09-24 08:17 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-27 20:37 - 2014-09-24 07:43 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-03-27 20:37 - 2014-09-24 07:43 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-03-27 20:34 - 2015-01-27 10:50 - 00000000 ___DO () C:\Users\Sebi\OneDrive
2015-03-27 20:31 - 2013-08-22 16:46 - 00341977 _____ () C:\WINDOWS\setupact.log
2015-03-27 20:30 - 2014-09-23 23:06 - 00015254 _____ () C:\WINDOWS\PFRO.log
2015-03-27 20:30 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-27 20:30 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-26 13:23 - 2013-08-22 17:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-03-25 23:40 - 2015-01-14 17:37 - 00000000 ____D () C:\Users\Sebi
2015-03-25 22:58 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\tracing
2015-03-25 22:25 - 2015-01-11 15:17 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-03-25 22:25 - 2014-09-24 09:43 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-03-25 20:16 - 2015-01-27 22:10 - 06528454 _____ () C:\Users\Sebi\Downloads\paint.net.4.0.5.install.zip
2015-03-25 14:14 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-25 13:14 - 2015-01-22 14:43 - 00000000 ____D () C:\Users\Sebi\AppData\Local\Deployment
2015-03-25 13:14 - 2014-12-14 16:35 - 00000000 ____D () C:\Users\Sebi\AppData\Local\Packages
2015-03-24 11:10 - 2014-12-14 16:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-21 17:51 - 2015-01-08 17:45 - 00000072 _____ () C:\Users\Public\LMDebug.log
2015-03-18 15:23 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-17 19:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-17 11:15 - 2013-08-22 16:44 - 00372192 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-17 11:08 - 2015-01-22 14:23 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-17 02:20 - 2015-01-13 02:54 - 00000000 ____D () C:\Users\Sebi\Documents\My Games
2015-03-16 20:08 - 2015-01-07 22:10 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-13 22:13 - 2015-01-08 14:00 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-13 22:10 - 2015-01-08 14:00 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-13 16:07 - 2015-01-22 14:55 - 00003092 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2171534533-33094092-2416115179-1002
2015-03-04 23:24 - 2014-09-24 09:46 - 00792032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-03-04 23:24 - 2014-09-24 09:46 - 00178144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2013-07-26 23:46 - 2013-07-26 23:46 - 0000000 _____ () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-27 21:11

==================== End Of Log ============================

--- --- ---


Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Sebi at 2015-03-29 18:03:00
Running from C:\Users\Sebi\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
3DataManager (HKLM-x32\...\3DataManager) (Version: 3.5 - 3DataManager)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{81C6F800-A69B-4E70-9DC0-74732F8B00E7}) (Version: 1.00.3015 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3003 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
Acer USB Charge Manager (HKLM\...\{07E867C5-0C48-40FF-A013-DDAF4565AD47}) (Version: 2.00.3003 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3729_45993 - CyberLink Corp.)
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
ETDWare PS/2-X64 11.6.19.204_WHQL (HKLM\...\Elantech) (Version: 11.6.19.204 - ELAN Microelectronic Corp.)
Fallout 3 (HKLM-x32\...\Steam App 22300) (Version:  - Bethesda Game Studios)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Heroes & Generals (HKLM-x32\...\Heroes & Generals) (Version: 1.0.6.1 - Reto-Moto)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version:  - Reto-Moto)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - TaleWorlds Entertainment)
Mozilla Firefox 36.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 de)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.39 - Qualcomm Atheros)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.23944 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.28130 - Realtek Semiconductor Corp.)
Rome: Total War (HKLM-x32\...\Steam App 4760) (Version:  - The Creative Assembly)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version:  - Obsidian Entertainment)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Unity Web Player (HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\UnityWebPlayer) (Version: 4.6.2f1 - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2171534533-33094092-2416115179-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2171534533-33094092-2416115179-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Sebi\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

11-03-2015 16:17:01 Windows Update
20-03-2015 19:27:37 Geplanter Prüfpunkt
25-03-2015 14:13:18 Windows Update
26-03-2015 21:08:47 Malwarebytes Anti-Rootkit Restore Point
28-03-2015 16:31:43 Removed Norton Online Backup

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {048EDF98-5395-4B4A-A4AE-0C01C2AD25C5} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2013-02-08] ()
Task: {07A37BFB-078B-428D-8DFD-BA64327A11B8} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {0DB334BF-6987-4E2B-96BE-3EBC5CB50E24} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2013-02-08] (CyberLink)
Task: {1FA3ADCD-3E5F-4A9B-97C1-A948EF8E32A5} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {379D7190-7201-4AC1-A082-7A9CF3AEA06A} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Pc-Sebi-Sebi Pc-Sebi => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-02-10] (Microsoft Corporation)
Task: {793E3DBF-2D87-4C6F-91D6-9353F099749A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-03-13] (Microsoft Corporation)
Task: {821453E6-0E72-4560-8BE6-D7FF27264BA9} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2013-02-08] ()
Task: {8F2B5D50-FC49-4F37-99F2-E4CA803398A2} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {91C8B8FF-370B-4C56-81CE-BEFBB9505A85} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {96F9643F-1E6E-4D67-84E6-46E8A23DC2DD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {972E839B-849C-4E34-9B06-255B9ACFA0DE} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-03-15] (Acer Incorporate)
Task: {A33100ED-9FC4-4360-B30D-0A002258FE2C} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2171534533-33094092-2416115179-1002 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {BF13BF75-3C83-4114-BE40-214A5D91A460} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated)
Task: {E0016269-49ED-4B59-9C2E-237CEE23361A} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {E2B7A516-08CF-4EE9-A635-47414568D8AA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {EDB89799-6E7B-43E0-A4CB-72B49450E43A} - System32\Tasks\{99D679EF-1A1A-4D6A-8435-4AAA89B03323} => Firefox.exe hxxp://ui.skype.com/ui/0/7.2.0.103/de/abandoninstall?source=lightinstaller&amp;page=tsBing
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2015-02-05 23:44 - 2015-01-10 10:07 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-02-05 23:47 - 2015-01-10 01:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-24 11:42 - 2014-09-24 11:42 - 00034304 _____ () C:\WINDOWS\System32\ssj1mlm.dll
2015-01-22 14:37 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-12-10 00:22 - 2014-12-10 00:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-12-14 16:37 - 2012-07-05 06:03 - 00343024 ____N () C:\Program Files (x86)\3DataManager\WTGService.exe
2013-07-27 00:07 - 2013-02-20 22:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2014-10-03 18:36 - 2014-10-03 18:36 - 00457616 _____ () C:\WINDOWS\system32\igfxTray.exe
2013-01-25 00:09 - 2013-01-25 00:09 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-25 00:05 - 2013-01-25 00:05 - 00084992 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-25 00:12 - 2013-01-25 00:12 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2013-02-08 23:24 - 2013-02-08 23:24 - 00025672 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2013-02-08 23:24 - 2013-02-08 23:24 - 00044616 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2015-01-07 21:25 - 2015-03-10 08:37 - 00775680 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 10:42 - 2014-12-02 02:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-07 21:25 - 2015-03-24 06:22 - 02371776 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-20 10:42 - 2014-12-02 02:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 10:42 - 2014-12-02 02:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-01-07 21:25 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-01-07 21:25 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-01-07 21:25 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-01-07 21:25 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-01-07 21:25 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-01-07 21:25 - 2015-03-24 06:22 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-02-05 23:44 - 2015-01-10 10:07 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-01-07 21:25 - 2015-02-25 03:58 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-07-26 23:42 - 2013-01-23 09:57 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-01-22 14:39 - 2015-01-22 14:46 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2015-01-07 21:25 - 2015-02-25 03:58 - 01709960 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Sebi\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2171534533-33094092-2416115179-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Sebi\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 10.0.0.138

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-2171534533-33094092-2416115179-500 - Administrator - Disabled)
Gast (S-1-5-21-2171534533-33094092-2416115179-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2171534533-33094092-2416115179-1004 - Limited - Enabled)
Sebi (S-1-5-21-2171534533-33094092-2416115179-1002 - Administrator - Enabled) => C:\Users\Sebi

==================== Faulty Device Manager Devices =============

Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (03/29/2015 06:00:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 11.3.2015.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: bfb8

Startzeit: 01d06a39375c8534

Endzeit: 2

Anwendungspfad: C:\Users\Sebi\Downloads\FRST64.exe

Berichts-ID: b1fa93b2-d62c-11e4-be97-0c84dc0bb3fc

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/29/2015 05:58:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 36.0.4.5557, Zeitstempel: 0x550d0883
Name des fehlerhaften Moduls: mozalloc.dll, Version: 36.0.4.5557, Zeitstempel: 0x550cfa82
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001e02
ID des fehlerhaften Prozesses: 0xcfb0
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (03/29/2015 05:57:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (03/29/2015 02:03:01 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (03/29/2015 02:03:01 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (03/29/2015 02:03:01 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (03/29/2015 02:00:13 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (03/29/2015 02:00:13 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (03/29/2015 02:00:13 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (03/29/2015 01:55:20 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.


System errors:
=============
Error: (03/29/2015 06:03:13 PM) (Source: DCOM) (EventID: 10010) (User: PC-SEBI)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (03/29/2015 06:02:43 PM) (Source: DCOM) (EventID: 10010) (User: PC-SEBI)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (03/29/2015 06:02:13 PM) (Source: DCOM) (EventID: 10010) (User: PC-SEBI)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (03/29/2015 06:01:43 PM) (Source: DCOM) (EventID: 10010) (User: PC-SEBI)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (03/29/2015 06:01:13 PM) (Source: DCOM) (EventID: 10010) (User: PC-SEBI)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (03/29/2015 06:00:43 PM) (Source: DCOM) (EventID: 10010) (User: PC-SEBI)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (03/29/2015 06:00:13 PM) (Source: DCOM) (EventID: 10010) (User: PC-SEBI)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (03/29/2015 05:59:42 PM) (Source: DCOM) (EventID: 10010) (User: PC-SEBI)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (03/29/2015 05:59:12 PM) (Source: DCOM) (EventID: 10010) (User: PC-SEBI)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (03/29/2015 05:58:42 PM) (Source: DCOM) (EventID: 10010) (User: PC-SEBI)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}


Microsoft Office Sessions:
=========================
Error: (03/29/2015 06:00:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe11.3.2015.0bfb801d06a39375c85342C:\Users\Sebi\Downloads\FRST64.exeb1fa93b2-d62c-11e4-be97-0c84dc0bb3fc

Error: (03/29/2015 05:58:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.4.5557550d0883mozalloc.dll36.0.4.5557550cfa828000000300001e02cfb001d06a380bd7e87bC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll79e5cb42-d62c-11e4-be97-0c84dc0bb3fc

Error: (03/29/2015 05:57:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Sebi\Downloads\esetsmartinstaller_deu.exe

Error: (03/29/2015 02:03:01 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (03/29/2015 02:03:01 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (03/29/2015 02:03:01 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (03/29/2015 02:00:13 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (03/29/2015 02:00:13 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (03/29/2015 02:00:13 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (03/29/2015 01:55:20 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz
Percentage of memory in use: 36%
Total physical RAM: 7848.28 MB
Available physical RAM: 5005.47 MB
Total Pagefile: 20136.28 MB
Available Pagefile: 17012.27 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:680.39 GB) (Free:576.16 GB) NTFS
Drive d: (FNV_GERMAN) (CDROM) (Total:6.94 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: D5A2F3FE)

Partition: GPT Partition Type.

==================== End Of Log ============================


schrauber 30.03.2015 05:16

Any problems remaining?

Faru 30.03.2015 12:39

So Malwarebytes no longer finds anything! I'll just assume now that the danger has been averted :crazy:

Dear Schrauber, thank you for your effort and time, even though nobody obliges you to do this. Can I donate to you somehow or do something else nice for you?


Best regards, Franky

schrauber 30.03.2015 17:31

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

If Combofix was used:
Uninstall Combofix.
  • Important: Please disable your antivirus program, any script blocking and anti-malware programs.
  • Please press the Windows key + R and type Combofix /Uninstall into the Run window.
  • Click OK.
    This removes Combofix completely and clears the System Restore cache.
  • Now re-enable the programs you just disabled.

All logs posted? Then please download DelFix.
  • Close all open programs.
  • Start delfix.exe with a double-click.
  • Tick the box in front of every function.
  • Click Start.

Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
Finally, restart your computer. If any programs from our cleanup are still left over, you can delete them without concern.

If you like, you can say here whether you were satisfied with me and my help... :dankeschoen: and/or support the forum with a small donation. :applaus:

Hardening:
On the Windows operating system, enable automatic updates. Security-relevant software should also always be kept at its latest version:

Browser
Java
Flash Player
PDF reader

Security holes in their old versions are exploited to install malware via "drive-by" merely by visiting a manipulated website.
I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.

Enable a firewall. The one built into Windows is normally entirely sufficient.

Use an antivirus program with a real-time scanner and an always up-to-date signature database.
My recommendation:
Emsisoft

In addition, you can regularly scan your PC with Malwarebytes Anti-Malware and ESET.

Optional:
NoScript prevents the execution of active content (Java, JavaScript, Flash, ...) for all websites. You can, however, define on a whitelist basis which sites scripts should be allowed on.
Malwarebytes Anti Exploit: protects the computer's applications against the exploitation of known vulnerabilities.


Download software from a clean portal such as filepony.de.
When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program.
To get rid of adware again, first uninstall it and then remove the leftovers with Adwarecleaner.


Finally, a few general remarks:
Change your important online passwords regularly and regularly create backups of your important files or of the system.
The benefit of registry cleaners, optimizers etc. for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' built-in Disk Cleanup instead.

Faru 31.03.2015 01:10

Schrauber, help!!!! My Steam account has just been cracked with a keylogger again. I didn't click on any external links or anything else. I'm desperate, another 200 euros gone....

schrauber 31.03.2015 16:44

Did you change the account's password?

Faru 31.03.2015 17:07

All of them! Steam, my e-mail address, PC login address and even the one here on the Trojanerboard...

schrauber 01.04.2015 05:56

These accounts are mostly hacked online, that is, without anything being done on the computer. Post fresh FRST logs, but in any case contact Steam support.

I also don't understand why this happens to so many people? Do you store the money in the Steam account (which would be stupid) or is the bank account linked to it? Why would anyone do that?

Faru 01.04.2015 11:12

No, the thing is that it wasn't directly usable money that was stolen, but items, i.e. in-game skins, and those in turn can be traded for real money for a commission, or even bet. I started with one that was worth only 2 euros and have by now bet my way up to almost 400 euros, and in the meantime I also sold some myself on eBay.


FRST Logfile:
Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Sebi (administrator) on PC-SEBI on 01-04-2015 12:09:14
Running from C:\Users\Sebi\Downloads
Loaded Profiles: Sebi (Available profiles: Sebi)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
() C:\Program Files (x86)\3DataManager\WTGService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
() C:\Windows\System32\igfxTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\FRST\Quarantine\C\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\upnpsvc.exe.xBAD
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Microsoft Corporation) C:\Users\Sebi\AppData\Local\Temp\svhost.exe
(Microsoft Corporation) C:\Users\Sebi\AppData\Roaming\svhost.exe
(Microsoft Corporation) C:\Users\Sebi\AppData\Roaming\svhost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876304 2013-01-18] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [457616 2014-10-03] ()
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2015-01-06] (Razer Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] ( (Atheros Communications))
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888896 2015-03-24] (Valve Corporation)
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Run: [UPNP Service] => C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\upnpsvc.exe
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Run: [a3a5a2e080e121e467a75d823c0022bf] => C:\Users\Sebi\AppData\Roaming\svhost.exe [53248 2014-05-27] (Microsoft Corporation)
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\MountPoints2: {3ef3322e-f63a-11e2-be6c-806e6f6e6963} - "D:\SETUP.EXE"
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Winlogon: [Shell] C:\Users\Sebi\AppData\Roaming\FolderName\file.exe [2052096 2015-03-31] (Crytek GmbH) <==== ATTENTION
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk
ShortcutTarget: Launcher.lnk -> C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Sebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\a3a5a2e080e121e467a75d823c0022bf.exe ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2171534533-33094092-2416115179-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2171534533-33094092-2416115179-1002 -> {6C84E0BC-9872-4A8D-8BD9-601B5D96A660} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-01-25] (Qualcomm Atheros Commnucations)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} ->  No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Sebi\AppData\Roaming\Mozilla\Firefox\Profiles\qx7gcp5k.default
FF Homepage: https://www.google.at
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll [2014-11-28] (Reto-Moto ApS)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-22] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin HKU\S-1-5-21-2171534533-33094092-2416115179-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sebi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-01-26] (Unity Technologies ApS)
FF Extension: Adblock Plus - C:\Users\Sebi\AppData\Roaming\Mozilla\Firefox\Profiles\qx7gcp5k.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-11]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
R3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-30] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-15] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\3DataManager\WTGService.exe [343024 2012-07-05] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-24] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 rzdaendpt; C:\Windows\System32\drivers\rzdaendpt.sys [33448 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2014-12-10] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R3 rzvkeyboard; C:\Windows\System32\drivers\rzvkeyboard.sys [31912 2014-12-30] (Razer Inc)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R4 ccSet_NARA; \SystemRoot\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-31 01:18 - 2014-05-27 06:39 - 00053248 _____ (Microsoft Corporation) C:\Users\Sebi\AppData\Roaming\svhost.exe
2015-03-29 13:23 - 2015-03-29 13:23 - 00001619 _____ () C:\Users\Sebi\Downloads\Fixlist.txt
2015-03-28 14:57 - 2015-03-28 14:57 - 00852604 _____ () C:\Users\Sebi\Downloads\SecurityCheck.exe
2015-03-28 14:55 - 2015-03-28 14:55 - 02347384 _____ (ESET) C:\Users\Sebi\Downloads\esetsmartinstaller_deu.exe
2015-03-28 14:55 - 2015-03-28 14:55 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-03-27 20:38 - 2015-03-27 20:38 - 00001335 _____ () C:\Users\Sebi\Desktop\JRT.txt
2015-03-27 20:35 - 2015-03-27 20:35 - 01388782 _____ (Thisisu) C:\Users\Sebi\Downloads\JRT.exe
2015-03-27 20:28 - 2015-03-27 20:28 - 00001291 _____ () C:\Users\Sebi\Desktop\mbam.txt
2015-03-27 20:04 - 2015-03-27 20:30 - 00000000 ____D () C:\AdwCleaner
2015-03-27 20:04 - 2015-03-27 20:04 - 02168320 _____ () C:\Users\Sebi\Downloads\AdwCleaner_4.113.exe
2015-03-26 20:43 - 2015-03-26 20:44 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Sebi\Downloads\tdsskiller.exe
2015-03-26 20:40 - 2015-03-27 20:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-26 20:39 - 2015-03-26 21:09 - 00000000 ____D () C:\Users\Sebi\Desktop\mbar
2015-03-26 20:39 - 2015-03-26 20:39 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Sebi\Downloads\mbar-1.09.1.1004.exe
2015-03-26 16:06 - 2015-03-29 18:03 - 00032617 _____ () C:\Users\Sebi\Downloads\Addition.txt
2015-03-26 16:05 - 2015-04-01 12:09 - 00018714 _____ () C:\Users\Sebi\Downloads\FRST.txt
2015-03-26 16:05 - 2015-04-01 12:09 - 00000000 ____D () C:\FRST
2015-03-26 16:05 - 2015-03-26 16:05 - 02095616 _____ (Farbar) C:\Users\Sebi\Downloads\FRST64.exe
2015-03-25 21:48 - 2015-03-30 12:44 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-25 21:48 - 2015-03-27 20:05 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-25 21:48 - 2015-03-25 21:48 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-25 21:48 - 2015-03-25 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-25 21:48 - 2015-03-25 21:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-25 21:48 - 2015-03-25 21:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-25 21:48 - 2015-03-17 07:15 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-03-25 21:48 - 2015-03-17 07:15 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-03-25 12:35 - 2015-03-11 04:38 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-03-24 14:09 - 2015-03-26 21:11 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4
2015-03-24 11:15 - 2015-03-24 11:15 - 01054912 _____ (Adobe) C:\Users\Sebi\Downloads\install_flashplayer17x32au_ltr5x64d_awc_aih.exe
2015-03-24 02:29 - 2015-03-31 01:18 - 00000000 __SHD () C:\Users\Sebi\AppData\Roaming\FolderName
2015-03-24 02:22 - 2015-03-24 02:22 - 00000000 ____D () C:\Users\Sebi\AppData\Local\Skype
2015-03-24 02:21 - 2015-03-28 16:32 - 00000000 ____D () C:\ProgramData\Skype
2015-03-24 02:21 - 2015-03-25 22:09 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\Skype
2015-03-24 02:20 - 2015-03-24 02:20 - 00003134 _____ () C:\WINDOWS\System32\Tasks\{99D679EF-1A1A-4D6A-8435-4AAA89B03323}
2015-03-22 02:33 - 2015-03-22 02:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-19 22:08 - 2015-03-19 22:08 - 00000000 ____D () C:\Users\Sebi\Documents\Benutzerdefinierte Office-Vorlagen
2015-03-16 20:08 - 2015-03-16 20:08 - 00000222 _____ () C:\Users\Sebi\Desktop\South Park The Stick of Truth.url
2015-03-11 12:35 - 2015-02-04 01:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-03-11 12:35 - 2015-02-04 01:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-03-11 12:35 - 2015-01-27 05:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-03-11 12:35 - 2015-01-24 03:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-03-11 12:34 - 2015-03-06 04:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-11 12:34 - 2015-03-06 04:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-11 12:34 - 2015-02-26 01:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-11 12:34 - 2015-02-20 05:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-03-11 12:34 - 2015-02-20 04:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-03-11 12:34 - 2015-02-20 04:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-03-11 12:34 - 2015-02-20 04:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-03-11 12:34 - 2015-02-07 01:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-11 12:34 - 2015-02-06 03:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-03-11 12:34 - 2015-02-06 03:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-03-11 12:34 - 2015-02-05 22:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-03-11 12:34 - 2015-02-04 01:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-03-11 12:34 - 2015-02-03 01:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-03-11 12:34 - 2015-02-03 01:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-03-11 12:34 - 2015-01-31 01:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-03-11 12:34 - 2015-01-31 01:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-03-11 12:34 - 2015-01-30 05:01 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-03-11 12:34 - 2015-01-30 05:00 - 00167424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2015-03-11 12:34 - 2015-01-29 03:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-03-11 12:34 - 2015-01-29 03:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-03-11 12:34 - 2015-01-29 03:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-03-11 12:34 - 2015-01-29 03:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-03-11 12:34 - 2015-01-23 09:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-03-11 12:34 - 2015-01-23 07:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-03-11 12:34 - 2014-10-29 04:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-03-11 12:34 - 2014-10-29 04:46 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2015-03-11 12:34 - 2014-10-29 04:46 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2015-03-11 12:34 - 2014-10-29 04:45 - 01198080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-03-11 12:34 - 2014-10-29 04:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-03-11 12:34 - 2014-10-29 04:44 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-03-11 12:34 - 2014-10-29 04:43 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2015-03-11 12:34 - 2014-10-29 04:34 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-03-11 12:34 - 2014-10-29 04:04 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2015-03-11 12:34 - 2014-10-29 04:04 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-03-11 12:34 - 2014-10-29 04:03 - 00241152 ____C (Microsoft Corporation) C:\WINDOWS\system32\fsquirt.exe
2015-03-11 12:34 - 2014-10-29 04:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-03-11 12:34 - 2014-10-29 04:00 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-03-11 12:34 - 2014-10-29 03:58 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2015-03-11 12:34 - 2014-10-29 03:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2015-03-11 12:34 - 2014-10-29 03:51 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-03-11 12:34 - 2014-10-29 03:45 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2015-03-11 12:34 - 2014-10-29 03:28 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2015-03-11 12:34 - 2014-10-29 03:20 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-03-11 12:34 - 2014-10-29 03:15 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2015-03-11 12:34 - 2014-10-29 02:55 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2015-03-11 12:34 - 2014-10-29 02:44 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2015-03-11 12:34 - 2014-10-29 02:41 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2015-03-11 12:34 - 2014-10-29 02:35 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2015-03-11 12:33 - 2015-02-03 02:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-03-11 12:33 - 2015-02-03 02:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-11 12:33 - 2015-01-31 01:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-03-11 12:33 - 2015-01-30 04:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-03-11 12:33 - 2015-01-30 04:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-03-11 12:33 - 2015-01-30 04:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-03-11 12:33 - 2015-01-30 03:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-03-11 12:33 - 2015-01-30 03:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-03-11 12:33 - 2015-01-30 03:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-03-11 12:33 - 2015-01-30 03:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-03-11 12:33 - 2015-01-30 03:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-03-11 12:33 - 2015-01-30 03:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-03-11 12:33 - 2015-01-30 03:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-03-11 12:33 - 2015-01-30 03:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-03-11 12:33 - 2015-01-30 03:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-03-11 12:33 - 2015-01-30 03:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-03-11 12:33 - 2015-01-29 03:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 12:33 - 2015-01-29 03:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 12:33 - 2015-01-29 02:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-03-11 12:33 - 2015-01-29 02:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-03-11 12:33 - 2015-01-29 02:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-03-11 12:33 - 2015-01-29 02:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-03-11 12:33 - 2015-01-28 17:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-11 12:33 - 2015-01-28 17:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-11 12:33 - 2015-01-28 17:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-11 12:33 - 2015-01-28 04:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-11 12:33 - 2015-01-28 03:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-03-11 12:33 - 2015-01-27 06:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-03-11 12:33 - 2015-01-27 04:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-03-11 12:33 - 2014-10-29 05:56 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2015-03-11 12:33 - 2014-10-29 04:37 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2015-03-11 12:33 - 2014-10-29 04:34 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2015-03-11 12:33 - 2014-10-29 04:34 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2015-03-11 12:33 - 2014-10-29 03:28 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2015-03-11 12:33 - 2014-10-29 03:19 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2015-03-11 12:33 - 2014-10-29 03:13 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-03-11 12:33 - 2014-10-29 02:59 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2015-03-11 12:33 - 2014-10-29 02:55 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-11 12:30 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-11 12:30 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-11 12:30 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-11 12:30 - 2015-02-21 02:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-11 12:30 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-11 12:30 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-11 12:30 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-11 12:30 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-11 12:30 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-11 12:30 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-11 12:30 - 2015-02-20 04:35 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-11 12:30 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-03-11 12:30 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-11 12:30 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-11 12:30 - 2015-02-20 04:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-11 12:30 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-11 12:30 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-11 12:30 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-11 12:30 - 2015-02-20 03:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-11 12:30 - 2015-02-20 03:56 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-11 12:30 - 2015-02-20 03:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-11 12:30 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-11 12:30 - 2015-02-20 03:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-11 12:30 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-03-11 12:30 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-11 12:30 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-11 12:30 - 2015-02-20 03:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-11 12:30 - 2015-02-20 03:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-11 12:30 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-11 12:30 - 2015-02-20 03:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-11 12:30 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-11 12:30 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-11 12:30 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-11 12:30 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-11 12:30 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-11 12:30 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-11 12:30 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-11 12:29 - 2015-02-12 19:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-03-11 12:29 - 2015-02-12 19:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-03-11 12:29 - 2015-01-29 20:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-11 12:29 - 2015-01-29 20:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-11 12:29 - 2014-12-11 07:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-11 12:28 - 2015-02-08 01:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-11 12:28 - 2015-02-08 01:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-11 12:28 - 2015-01-28 03:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-03-11 12:28 - 2015-01-28 03:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-03-11 12:28 - 2015-01-28 01:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-03-11 12:28 - 2015-01-28 01:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-03-11 12:28 - 2015-01-21 07:54 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-11 12:28 - 2015-01-21 07:15 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-09 23:44 - 2015-03-09 23:44 - 00004856 _____ () C:\Users\Sebi\Downloads\config_ endde83.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-01 12:08 - 2015-01-07 21:04 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-01 12:08 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-01 01:07 - 2015-01-14 17:30 - 01294677 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-01 00:18 - 2014-12-15 13:27 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-04-01 00:16 - 2015-01-14 15:41 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\TS3Client
2015-03-31 22:51 - 2015-01-27 10:50 - 00005128 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for Pc-Sebi-Sebi Pc-Sebi
2015-03-31 19:40 - 2015-01-28 12:43 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{708BD5AD-2F5C-4A11-8A1A-FE53B4E2038D}
2015-03-31 02:01 - 2015-01-22 14:39 - 00135680 ___SH () C:\Users\Sebi\Desktop\Thumbs.db
2015-03-30 12:23 - 2014-09-24 08:17 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-30 12:23 - 2014-09-24 07:43 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-03-30 12:23 - 2014-09-24 07:43 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-03-29 23:12 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-29 23:04 - 2014-12-14 16:41 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2171534533-33094092-2416115179-1002
2015-03-27 20:34 - 2015-01-27 10:50 - 00000000 ___DO () C:\Users\Sebi\OneDrive
2015-03-27 20:31 - 2013-08-22 16:46 - 00341977 _____ () C:\WINDOWS\setupact.log
2015-03-27 20:30 - 2014-09-23 23:06 - 00015254 _____ () C:\WINDOWS\PFRO.log
2015-03-27 20:30 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-27 20:30 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-26 13:23 - 2013-08-22 17:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-03-25 23:40 - 2015-01-14 17:37 - 00000000 ____D () C:\Users\Sebi
2015-03-25 22:58 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\tracing
2015-03-25 22:25 - 2015-01-11 15:17 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-03-25 22:25 - 2014-09-24 09:43 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-03-25 20:16 - 2015-01-27 22:10 - 06528454 _____ () C:\Users\Sebi\Downloads\paint.net.4.0.5.install.zip
2015-03-25 14:14 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-25 13:14 - 2015-01-22 14:43 - 00000000 ____D () C:\Users\Sebi\AppData\Local\Deployment
2015-03-25 13:14 - 2014-12-14 16:35 - 00000000 ____D () C:\Users\Sebi\AppData\Local\Packages
2015-03-24 11:10 - 2014-12-14 16:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-21 17:51 - 2015-01-08 17:45 - 00000072 _____ () C:\Users\Public\LMDebug.log
2015-03-17 19:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-17 11:15 - 2013-08-22 16:44 - 00372192 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-17 11:08 - 2015-01-22 14:23 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-17 02:20 - 2015-01-13 02:54 - 00000000 ____D () C:\Users\Sebi\Documents\My Games
2015-03-16 20:08 - 2015-01-07 22:10 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-13 22:13 - 2015-01-08 14:00 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-13 22:10 - 2015-01-08 14:00 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-13 16:07 - 2015-01-22 14:55 - 00003092 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2171534533-33094092-2416115179-1002
2015-03-04 23:24 - 2014-09-24 09:46 - 00792032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-03-04 23:24 - 2014-09-24 09:46 - 00178144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-03-31 01:18 - 2014-05-27 06:39 - 0053248 _____ (Microsoft Corporation) C:\Users\Sebi\AppData\Roaming\svhost.exe
2013-07-26 23:46 - 2013-07-26 23:46 - 0000000 _____ () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Sebi\AppData\Local\Temp\atidrv.exe
C:\Users\Sebi\AppData\Local\Temp\ESEA.exe
C:\Users\Sebi\AppData\Local\Temp\svhost.exe
C:\Users\Sebi\AppData\Local\Temp\tmp2280.tmp.exe
C:\Users\Sebi\AppData\Local\Temp\tmpF05C.tmp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-27 21:11

==================== End Of Log ============================

--- --- ---

schrauber 01.04.2015 13:54

Quote:

HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Winlogon: [Shell] C:\Users\Sebi\AppData\Roaming\FolderName\file.exe [2052096 2015-03-31] (Crytek GmbH) <==== ATTENTION
You picked that one up again since the all-clean. Please check the file online:
Checking files online for viruses - how it's done - Guides

Faru 01.04.2015 14:25

Code:

https://www.virustotal.com/de/file/f0ff2e556a5809760ef5b6b4ffe2e50c5e6cb978accdcd4ba390289d8d281999/analysis/1427894601/

schrauber 01.04.2015 18:57

Nice.

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen as described in the guide to Malwarebytes Anti-Rootkit
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper

Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the guide to TDSSKiller.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

Faru 02.04.2015 01:43

Code:

02:08:47.0754 0x1770  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
02:08:47.0754 0x1770  UEFI system
02:08:50.0571 0x1770  ============================================================
02:08:50.0572 0x1770  Current date / time: 2015/04/02 02:08:50.0571
02:08:50.0572 0x1770  SystemInfo:
02:08:50.0572 0x1770 
02:08:50.0572 0x1770  OS Version: 6.3.9600 ServicePack: 0.0
02:08:50.0572 0x1770  Product type: Workstation
02:08:50.0572 0x1770  ComputerName: PC-SEBI
02:08:50.0572 0x1770  UserName: Sebi
02:08:50.0572 0x1770  Windows directory: C:\WINDOWS
02:08:50.0572 0x1770  System windows directory: C:\WINDOWS
02:08:50.0572 0x1770  Running under WOW64
02:08:50.0572 0x1770  Processor architecture: Intel x64
02:08:50.0572 0x1770  Number of processors: 8
02:08:50.0572 0x1770  Page size: 0x1000
02:08:50.0572 0x1770  Boot type: Normal boot
02:08:50.0572 0x1770  ============================================================
02:08:52.0457 0x1770  KLMD registered as C:\WINDOWS\system32\drivers\04630711.sys
02:08:53.0728 0x1770  System UUID: {709216AC-0719-4D3E-0608-78878E71E568}
02:08:54.0180 0x1770  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
02:08:54.0188 0x1770  ============================================================
02:08:54.0188 0x1770  \Device\Harddisk0\DR0:
02:08:54.0193 0x1770  GPT partitions:
02:08:54.0193 0x1770  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {4B4BCBCF-388D-491D-B645-29876054396B}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
02:08:54.0193 0x1770  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {CB252A3B-B87A-4DA3-8022-5CFB812920BF}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x96000
02:08:54.0193 0x1770  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {DA78E247-849C-4C25-867D-7D5332ACE11E}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
02:08:54.0193 0x1770  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {5DF20FB8-C9CD-4594-92E3-78E76004AB24}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x550C6000
02:08:54.0193 0x1770  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {84FC1ACD-89A8-47D0-AD31-F551D9F344CF}, Name: , StartLBA 0x55264800, BlocksNum 0xE1000
02:08:54.0193 0x1770  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {51F7C55F-DA3A-41C2-8521-9BB7DAD6590C}, Name: Basic data partition, StartLBA 0x55345800, BlocksNum 0x2200800
02:08:54.0193 0x1770  MBR partitions:
02:08:54.0193 0x1770  ============================================================
02:08:54.0272 0x1770  C: <-> \Device\Harddisk0\DR0\Partition4
02:08:54.0272 0x1770  ============================================================
02:08:54.0272 0x1770  Initialize success
02:08:54.0273 0x1770  ============================================================
02:08:55.0161 0x03bc  ============================================================
02:08:55.0161 0x03bc  Scan started
02:08:55.0161 0x03bc  Mode: Manual;
02:08:55.0161 0x03bc  ============================================================
02:08:55.0161 0x03bc  KSN ping started
02:08:57.0529 0x03bc  KSN ping finished: true
02:08:59.0347 0x03bc  ================ Scan system memory ========================
02:08:59.0347 0x03bc  System memory - ok
02:08:59.0348 0x03bc  ================ Scan services =============================
02:09:00.0599 0x03bc  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
02:09:00.0615 0x03bc  1394ohci - ok
02:09:00.0667 0x03bc  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware          C:\WINDOWS\system32\drivers\3ware.sys
02:09:00.0670 0x03bc  3ware - ok
02:09:00.0735 0x03bc  [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
02:09:00.0749 0x03bc  ACPI - ok
02:09:00.0799 0x03bc  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
02:09:00.0801 0x03bc  acpiex - ok
02:09:00.0811 0x03bc  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
02:09:00.0812 0x03bc  acpipagr - ok
02:09:00.0847 0x03bc  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi        C:\WINDOWS\System32\drivers\acpipmi.sys
02:09:00.0848 0x03bc  AcpiPmi - ok
02:09:00.0851 0x03bc  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
02:09:00.0852 0x03bc  acpitime - ok
02:09:01.0022 0x03bc  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
02:09:01.0033 0x03bc  AdobeFlashPlayerUpdateSvc - ok
02:09:01.0198 0x03bc  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX        C:\WINDOWS\system32\drivers\ADP80XX.SYS
02:09:01.0219 0x03bc  ADP80XX - ok
02:09:01.0269 0x03bc  [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc    C:\WINDOWS\System32\aelupsvc.dll
02:09:01.0273 0x03bc  AeLookupSvc - ok
02:09:01.0315 0x03bc  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD            C:\WINDOWS\system32\drivers\afd.sys
02:09:01.0326 0x03bc  AFD - ok
02:09:01.0368 0x03bc  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
02:09:01.0371 0x03bc  agp440 - ok
02:09:01.0411 0x03bc  [ F0CB6DB513CAC393D04A0FCE0A59E1BF, E6EE159D0E6B1F666946B1FE421874044E89BB2EB60A521BAA111A1229FA7B2D ] ahcache        C:\WINDOWS\system32\DRIVERS\ahcache.sys
02:09:01.0413 0x03bc  ahcache - ok
02:09:01.0455 0x03bc  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG            C:\WINDOWS\System32\alg.exe
02:09:01.0458 0x03bc  ALG - ok
02:09:01.0484 0x03bc  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8          C:\WINDOWS\System32\drivers\amdk8.sys
02:09:01.0487 0x03bc  AmdK8 - ok
02:09:01.0504 0x03bc  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
02:09:01.0507 0x03bc  AmdPPM - ok
02:09:01.0558 0x03bc  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata        C:\WINDOWS\system32\drivers\amdsata.sys
02:09:01.0564 0x03bc  amdsata - ok
02:09:01.0618 0x03bc  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
02:09:01.0633 0x03bc  amdsbs - ok
02:09:01.0668 0x03bc  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata        C:\WINDOWS\system32\drivers\amdxata.sys
02:09:01.0670 0x03bc  amdxata - ok
02:09:01.0718 0x03bc  [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID          C:\WINDOWS\system32\drivers\appid.sys
02:09:01.0722 0x03bc  AppID - ok
02:09:01.0760 0x03bc  [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
02:09:01.0764 0x03bc  AppIDSvc - ok
02:09:01.0800 0x03bc  [ 034ED41F13D9C1845C1E081F05B640DB, E4E17BA0B22C464DE60A6BF68D4D035D1B838DE4F0361029DED1AE00503E135C ] Appinfo        C:\WINDOWS\System32\appinfo.dll
02:09:01.0808 0x03bc  Appinfo - ok
02:09:01.0875 0x03bc  [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
02:09:01.0891 0x03bc  AppReadiness - ok
02:09:02.0040 0x03bc  [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc        C:\WINDOWS\system32\appxdeploymentserver.dll
02:09:02.0070 0x03bc  AppXSvc - ok
02:09:02.0102 0x03bc  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
02:09:02.0109 0x03bc  arcsas - ok
02:09:02.0149 0x03bc  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi          C:\WINDOWS\system32\drivers\atapi.sys
02:09:02.0151 0x03bc  atapi - ok
02:09:02.0201 0x03bc  [ 62A40F3DFF2B40915A1981285B14EFD4, 02F19978D153E816A6A879F6D0D67B2AB89F5964B86953F11B82D9970C3ED963 ] AthBTPort      C:\WINDOWS\system32\DRIVERS\btath_flt.sys
02:09:02.0205 0x03bc  AthBTPort - ok
02:09:02.0350 0x03bc  [ A917E4F753B90A5181ECBFA56D5C154A, 4025FC65AB44AE5FDF6D144F16873C1E165D9EB7C4BF0570C996F2D7C8B71A1E ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
02:09:02.0361 0x03bc  AtherosSvc - ok
02:09:02.0512 0x03bc  [ 2C7676F892E88FD190F08D98048C7C6C, 44C13C103F61DA4D1A3823D37344F8C9465A611A9560808CE928925FB69604F7 ] athr            C:\WINDOWS\system32\DRIVERS\athw8x.sys
02:09:02.0655 0x03bc  athr - ok
02:09:02.0716 0x03bc  [ 8779FDAE68BC948B0FE152E758CC8DA7, 13070C2073F8E7546B48AE9CF54067B9BB75DFCD98F2987B90FFAD20D40D54CF ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
02:09:02.0720 0x03bc  AudioEndpointBuilder - ok
02:09:02.0815 0x03bc  [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
02:09:02.0836 0x03bc  Audiosrv - ok
02:09:02.0882 0x03bc  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
02:09:02.0890 0x03bc  AxInstSV - ok
02:09:02.0960 0x03bc  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv        C:\WINDOWS\system32\drivers\bxvbda.sys
02:09:02.0993 0x03bc  b06bdrv - ok
02:09:12.0959 0x03bc  mfencrk - ok
02:09:12.0994 0x03bc  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS          C:\WINDOWS\system32\mmcss.dll
02:09:12.0997 0x03bc  MMCSS - ok
02:09:13.0010 0x03bc  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem          C:\WINDOWS\system32\drivers\modem.sys
02:09:13.0011 0x03bc  Modem - ok
02:09:13.0025 0x03bc  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor        C:\WINDOWS\System32\drivers\monitor.sys
02:09:13.0026 0x03bc  monitor - ok
02:09:13.0061 0x03bc  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
02:09:13.0063 0x03bc  mouclass - ok
02:09:13.0079 0x03bc  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
02:09:13.0080 0x03bc  mouhid - ok
02:09:13.0084 0x03bc  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
02:09:13.0086 0x03bc  mountmgr - ok
02:09:13.0120 0x03bc  [ 0A68B3E37961CEC327EED518F6D62530, EDEB16545ECDDEA2ADFF73E4DF3E9FD87E4B7126C8CFB037ABAF883D157103DE ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
02:09:13.0123 0x03bc  MozillaMaintenance - ok
02:09:13.0128 0x03bc  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
02:09:13.0129 0x03bc  mpsdrv - ok
02:09:13.0190 0x03bc  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
02:09:13.0205 0x03bc  MpsSvc - ok
02:09:13.0257 0x03bc  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
02:09:13.0266 0x03bc  MRxDAV - ok
02:09:13.0314 0x03bc  [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
02:09:13.0321 0x03bc  mrxsmb - ok
02:09:13.0345 0x03bc  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
02:09:13.0351 0x03bc  mrxsmb10 - ok
02:09:13.0362 0x03bc  [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
02:09:13.0365 0x03bc  mrxsmb20 - ok
02:09:13.0392 0x03bc  [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
02:09:13.0393 0x03bc  MsBridge - ok
02:09:13.0430 0x03bc  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC          C:\WINDOWS\System32\msdtc.exe
02:09:13.0434 0x03bc  MSDTC - ok
02:09:13.0445 0x03bc  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
02:09:13.0446 0x03bc  Msfs - ok
02:09:13.0494 0x03bc  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32    C:\WINDOWS\System32\drivers\msgpiowin32.sys
02:09:13.0495 0x03bc  msgpiowin32 - ok
02:09:13.0523 0x03bc  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf      C:\WINDOWS\System32\drivers\mshidkmdf.sys
02:09:13.0523 0x03bc  mshidkmdf - ok
02:09:13.0535 0x03bc  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf      C:\WINDOWS\System32\drivers\mshidumdf.sys
02:09:13.0537 0x03bc  mshidumdf - ok
02:09:13.0559 0x03bc  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
02:09:13.0561 0x03bc  msisadrv - ok
02:09:13.0592 0x03bc  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI        C:\WINDOWS\system32\iscsiexe.dll
02:09:13.0596 0x03bc  MSiSCSI - ok
02:09:13.0603 0x03bc  msiserver - ok
02:09:13.0628 0x03bc  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV        C:\WINDOWS\system32\drivers\MSKSSRV.sys
02:09:13.0629 0x03bc  MSKSSRV - ok
02:09:13.0672 0x03bc  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
02:09:13.0673 0x03bc  MsLldp - ok
02:09:13.0680 0x03bc  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
02:09:13.0681 0x03bc  MSPCLOCK - ok
02:09:13.0701 0x03bc  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM          C:\WINDOWS\system32\drivers\MSPQM.sys
02:09:13.0702 0x03bc  MSPQM - ok
02:09:13.0739 0x03bc  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC          C:\WINDOWS\system32\drivers\MsRPC.sys
02:09:13.0744 0x03bc  MsRPC - ok
02:09:13.0748 0x03bc  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
02:09:13.0749 0x03bc  mssmbios - ok
02:09:13.0767 0x03bc  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE          C:\WINDOWS\system32\drivers\MSTEE.sys
02:09:13.0768 0x03bc  MSTEE - ok
02:09:13.0784 0x03bc  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
02:09:13.0785 0x03bc  MTConfig - ok
02:09:13.0788 0x03bc  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup            C:\WINDOWS\system32\Drivers\mup.sys
02:09:13.0790 0x03bc  Mup - ok
02:09:13.0811 0x03bc  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
02:09:13.0812 0x03bc  mvumis - ok
02:09:13.0880 0x03bc  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\WINDOWS\system32\qagentRT.dll
02:09:13.0915 0x03bc  napagent - ok
02:09:13.0959 0x03bc  [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP    C:\WINDOWS\system32\DRIVERS\nwifi.sys
02:09:13.0972 0x03bc  NativeWifiP - ok
02:09:14.0106 0x03bc  [ E0E4A1F81A7D69C595A8A9DDAD084C19, 8F55F3637AE8BFFB0ACE37AFC5122026525137E0B2923899B779C1BD08DF0E22 ] NAUpdate        c:\Program Files (x86)\Nero\Update\NASvc.exe
02:09:14.0117 0x03bc  NAUpdate - ok
02:09:14.0178 0x03bc  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
02:09:14.0182 0x03bc  NcaSvc - ok
02:09:14.0207 0x03bc  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
02:09:14.0211 0x03bc  NcbService - ok
02:09:14.0241 0x03bc  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
02:09:14.0243 0x03bc  NcdAutoSetup - ok
02:09:14.0304 0x03bc  [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
02:09:14.0319 0x03bc  NDIS - ok
02:09:14.0339 0x03bc  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap        C:\WINDOWS\system32\DRIVERS\ndiscap.sys
02:09:14.0340 0x03bc  NdisCap - ok
02:09:14.0354 0x03bc  [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
02:09:14.0356 0x03bc  NdisImPlatform - ok
02:09:14.0418 0x03bc  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
02:09:14.0421 0x03bc  NdisTapi - ok
02:09:14.0446 0x03bc  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio        C:\WINDOWS\system32\DRIVERS\ndisuio.sys
02:09:14.0450 0x03bc  Ndisuio - ok
02:09:14.0462 0x03bc  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
02:09:14.0463 0x03bc  NdisVirtualBus - ok
02:09:14.0488 0x03bc  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan        C:\WINDOWS\system32\DRIVERS\ndiswan.sys
02:09:14.0492 0x03bc  NdisWan - ok
02:09:14.0502 0x03bc  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy  C:\WINDOWS\system32\DRIVERS\ndiswan.sys
02:09:14.0506 0x03bc  NdisWanLegacy - ok
02:09:14.0526 0x03bc  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy        C:\WINDOWS\system32\drivers\NDProxy.sys
02:09:14.0527 0x03bc  NDProxy - ok
02:09:14.0565 0x03bc  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu            C:\WINDOWS\system32\drivers\Ndu.sys
02:09:14.0567 0x03bc  Ndu - ok
02:09:14.0590 0x03bc  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS        C:\WINDOWS\system32\DRIVERS\netbios.sys
02:09:14.0591 0x03bc  NetBIOS - ok
02:09:14.0612 0x03bc  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT          C:\WINDOWS\system32\DRIVERS\netbt.sys
02:09:14.0616 0x03bc  NetBT - ok
02:09:14.0645 0x03bc  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
02:09:14.0646 0x03bc  Netlogon - ok
02:09:14.0769 0x03bc  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\WINDOWS\System32\netman.dll
02:09:14.0775 0x03bc  Netman - ok
02:09:14.0972 0x03bc  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
02:09:14.0988 0x03bc  netprofm - ok
02:09:15.0319 0x03bc  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:09:15.0644 0x03bc  NetTcpPortSharing - ok
02:09:15.0676 0x03bc  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
02:09:15.0678 0x03bc  netvsc - ok
02:09:15.0723 0x03bc  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
02:09:15.0730 0x03bc  NlaSvc - ok
02:09:15.0741 0x03bc  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
02:09:15.0743 0x03bc  Npfs - ok
02:09:15.0752 0x03bc  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig      C:\WINDOWS\System32\drivers\npsvctrig.sys
02:09:15.0753 0x03bc  npsvctrig - ok
02:09:15.0788 0x03bc  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi            C:\WINDOWS\system32\nsisvc.dll
02:09:15.0790 0x03bc  nsi - ok
02:09:15.0804 0x03bc  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
02:09:15.0805 0x03bc  nsiproxy - ok
02:09:15.0894 0x03bc  [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
02:09:15.0920 0x03bc  Ntfs - ok
02:09:15.0951 0x03bc  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
02:09:15.0952 0x03bc  Null - ok
02:09:16.0362 0x03bc  [ 7F58A8A5F208557F1FF8D7F45D5811DB, D9999DAD9BBBC907C8633AD08D90E40D861E9941A74CCF3C6183C9E220FEA0E9 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
02:09:16.0508 0x03bc  nvlddmkm - ok
02:09:16.0635 0x03bc  [ EC4F787905DC5753C46A4C05CEBADF45, 334E7E277A6FDABD91108DC4FE0D861DE6C00616CCFDC5E2D390CDDED62AF5D5 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
02:09:16.0660 0x03bc  NvNetworkService - ok
02:09:16.0690 0x03bc  [ BA17213DA758C56F3834FDF01BF22B4C, E162888B50FEDF96A02DF84E0BAF3F23EA4E4F2BD231DB3ACF4C4B40A5F566A8 ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
02:09:16.0691 0x03bc  nvpciflt - ok
02:09:16.0729 0x03bc  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
02:09:16.0734 0x03bc  nvraid - ok
02:09:16.0758 0x03bc  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
02:09:16.0763 0x03bc  nvstor - ok
02:09:16.0814 0x03bc  [ D92F4ED189C8207D0274B8B6BB494892, 8F7656662D3F26BE51AED9B7368278B18915F98A627E70021F914016BF3E22DB ] NvStreamKms    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
02:09:16.0816 0x03bc  NvStreamKms - ok
02:09:16.0833 0x03bc  NvStreamSvc - ok
02:09:16.0898 0x03bc  [ 806069C408AE736E2182D2FF6C2FA8EE, 9C2D2309C4F4135772C53C10C7442BCA362657B062177B20C2F00DC2137E8362 ] nvsvc          C:\WINDOWS\system32\nvvsvc.exe
02:09:16.0915 0x03bc  nvsvc - ok
02:09:16.0990 0x03bc  [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
02:09:16.0993 0x03bc  nvvad_WaveExtensible - ok
02:09:17.0021 0x03bc  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
02:09:17.0028 0x03bc  nv_agp - ok
02:09:17.0112 0x03bc  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
02:09:17.0115 0x03bc  ose - ok
02:09:17.0173 0x03bc  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
02:09:17.0196 0x03bc  p2pimsvc - ok
02:09:17.0231 0x03bc  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
02:09:17.0239 0x03bc  p2psvc - ok
02:09:17.0257 0x03bc  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport        C:\WINDOWS\System32\drivers\parport.sys
02:09:17.0259 0x03bc  Parport - ok
02:09:17.0290 0x03bc  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr        C:\WINDOWS\system32\drivers\partmgr.sys
02:09:17.0295 0x03bc  partmgr - ok
02:09:17.0340 0x03bc  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
02:09:17.0364 0x03bc  PcaSvc - ok
02:09:17.0380 0x03bc  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci            C:\WINDOWS\system32\drivers\pci.sys
02:09:17.0388 0x03bc  pci - ok
02:09:17.0405 0x03bc  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
02:09:17.0406 0x03bc  pciide - ok
02:09:17.0448 0x03bc  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
02:09:17.0451 0x03bc  pcmcia - ok
02:09:17.0455 0x03bc  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw            C:\WINDOWS\system32\drivers\pcw.sys
02:09:17.0456 0x03bc  pcw - ok
02:09:17.0479 0x03bc  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc            C:\WINDOWS\system32\drivers\pdc.sys
02:09:17.0482 0x03bc  pdc - ok
02:09:17.0535 0x03bc  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
02:09:17.0553 0x03bc  PEAUTH - ok
02:09:17.0738 0x03bc  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
02:09:17.0784 0x03bc  PerfHost - ok
02:09:17.0866 0x03bc  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla            C:\WINDOWS\system32\pla.dll
02:09:17.0900 0x03bc  pla - ok
02:09:17.0929 0x03bc  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
02:09:17.0932 0x03bc  PlugPlay - ok
02:09:17.0960 0x03bc  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg    C:\WINDOWS\system32\pnrpauto.dll
02:09:17.0962 0x03bc  PNRPAutoReg - ok
02:09:17.0982 0x03bc  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc        C:\WINDOWS\system32\pnrpsvc.dll
02:09:17.0988 0x03bc  PNRPsvc - ok
02:09:18.0022 0x03bc  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent    C:\WINDOWS\System32\ipsecsvc.dll
02:09:18.0030 0x03bc  PolicyAgent - ok
02:09:18.0035 0x03bc  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power          C:\WINDOWS\system32\umpo.dll
02:09:18.0038 0x03bc  Power - ok
02:09:18.0317 0x03bc  [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify    C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
02:09:18.0431 0x03bc  PrintNotify - ok
02:09:18.0454 0x03bc  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor      C:\WINDOWS\System32\drivers\processr.sys
02:09:18.0456 0x03bc  Processor - ok
02:09:18.0500 0x03bc  [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc        C:\WINDOWS\system32\profsvc.dll
02:09:18.0505 0x03bc  ProfSvc - ok
02:09:18.0540 0x03bc  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
02:09:18.0542 0x03bc  Psched - ok
02:09:18.0570 0x03bc  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE          C:\WINDOWS\system32\qwave.dll
02:09:18.0576 0x03bc  QWAVE - ok
02:09:18.0601 0x03bc  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
02:09:18.0602 0x03bc  QWAVEdrv - ok
02:09:18.0638 0x03bc  [ E94067155C8AA4EF134CB2528E0C9CD7, 6EEF603F64827AB138930DFE379BF8E48E64AE8AA5EE7B9E0CA369022BAAA2EA ] RadioShim      C:\WINDOWS\System32\drivers\RadioShim.sys
02:09:18.0639 0x03bc  RadioShim - ok
02:09:18.0679 0x03bc  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
02:09:18.0681 0x03bc  RasAcd - ok
02:09:18.0741 0x03bc  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto        C:\WINDOWS\System32\rasauto.dll
02:09:18.0745 0x03bc  RasAuto - ok
02:09:18.0786 0x03bc  [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan          C:\WINDOWS\System32\rasmans.dll
02:09:18.0806 0x03bc  RasMan - ok
02:09:18.0830 0x03bc  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
02:09:18.0831 0x03bc  RasPppoe - ok
02:09:18.0935 0x03bc  [ 71FF75BAE3D6E362BE3AD07E26C2D00A, 33F82F817AAAD585D47112A88BCC9DC2FB1B7AB8448EE140FA00FA520D8647A7 ] Razer Game Scanner Service C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
02:09:18.0945 0x03bc  Razer Game Scanner Service - ok
02:09:18.0972 0x03bc  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss          C:\WINDOWS\system32\DRIVERS\rdbss.sys
02:09:18.0982 0x03bc  rdbss - ok
02:09:18.0999 0x03bc  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
02:09:19.0000 0x03bc  rdpbus - ok
02:09:19.0037 0x03bc  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR          C:\WINDOWS\system32\drivers\rdpdr.sys
02:09:19.0040 0x03bc  RDPDR - ok
02:09:19.0079 0x03bc  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
02:09:19.0081 0x03bc  RdpVideoMiniport - ok
02:09:19.0110 0x03bc  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
02:09:19.0118 0x03bc  rdyboost - ok
02:09:19.0185 0x03bc  [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
02:09:19.0210 0x03bc  ReFS - ok
02:09:19.0260 0x03bc  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
02:09:19.0267 0x03bc  RemoteAccess - ok
02:09:19.0306 0x03bc  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
02:09:19.0310 0x03bc  RemoteRegistry - ok
02:09:19.0344 0x03bc  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
02:09:19.0346 0x03bc  RFCOMM - ok
02:09:19.0380 0x03bc  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
02:09:19.0383 0x03bc  RpcEptMapper - ok
02:09:19.0424 0x03bc  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\WINDOWS\system32\locator.exe
02:09:19.0426 0x03bc  RpcLocator - ok
02:09:19.0449 0x03bc  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs          C:\WINDOWS\system32\rpcss.dll
02:09:19.0460 0x03bc  RpcSs - ok
02:09:19.0504 0x03bc  [ 92650E6BFBB2F010C331DCDF49F09310, 0C7F2608A6051F7E932C9866EFAA13B0D57DF9D4FD88A178F737384C50719EB9 ] RSPCIESTOR      C:\WINDOWS\system32\DRIVERS\RtsPStor.sys
02:09:19.0511 0x03bc  RSPCIESTOR - ok
02:09:19.0540 0x03bc  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
02:09:19.0542 0x03bc  rspndr - ok
02:09:19.0589 0x03bc  [ 5160E65ABB33B77D8750BD78808FD316, D75ED07007B0A00B50BE43402B7EAA6513F6B4908B7A4A521370F616F58A09AC ] rzdaendpt      C:\WINDOWS\System32\drivers\rzdaendpt.sys
02:09:19.0592 0x03bc  rzdaendpt - ok
02:09:19.0607 0x03bc  [ F17F84511E7DFDEEAB646F0699A006D7, 5237937841FBD1F99A5D6161DEBA26182DDAF617CA98946EE7DB0AB67FC149EA ] rzpmgrk        C:\WINDOWS\system32\drivers\rzpmgrk.sys
02:09:19.0610 0x03bc  rzpmgrk - ok
02:09:19.0617 0x03bc  [ FEF60A37301E1F5A3020FA3487FB2CD7, 0C925468C3376458D0E1EC65E097BD1A81A03901035C0195E8F6EF904EF3F901 ] rzpnk          C:\WINDOWS\system32\drivers\rzpnk.sys
02:09:19.0621 0x03bc  rzpnk - ok
02:09:19.0672 0x03bc  [ 77C5AB228FE307C55FEF0C575E218771, 73C9D4593DA694B2D52817F608E749296D9CC1C44906C97204595476B68AD50F ] rzudd          C:\WINDOWS\System32\drivers\rzudd.sys
02:09:19.0678 0x03bc  rzudd - ok
02:09:19.0719 0x03bc  [ 6BD87A54B92C7D41345A079D5B5C68FF, DFC20DF473A2575AB1DFE317532F0E09B4901B6761034CE52BA13C28A608C127 ] rzvkeyboard    C:\WINDOWS\System32\drivers\rzvkeyboard.sys
02:09:19.0722 0x03bc  rzvkeyboard - ok
02:09:19.0745 0x03bc  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap          C:\WINDOWS\System32\drivers\vms3cap.sys
02:09:19.0747 0x03bc  s3cap - ok
02:09:19.0770 0x03bc  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs          C:\WINDOWS\system32\lsass.exe
02:09:19.0772 0x03bc  SamSs - ok
02:09:19.0821 0x03bc  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
02:09:19.0825 0x03bc  sbp2port - ok
02:09:19.0863 0x03bc  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
02:09:19.0869 0x03bc  SCardSvr - ok
02:09:19.0889 0x03bc  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
02:09:19.0894 0x03bc  ScDeviceEnum - ok
02:09:19.0928 0x03bc  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
02:09:19.0930 0x03bc  scfilter - ok
02:09:20.0035 0x03bc  [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
02:09:20.0076 0x03bc  Schedule - ok
02:09:20.0100 0x03bc  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc    C:\WINDOWS\System32\certprop.dll
02:09:20.0103 0x03bc  SCPolicySvc - ok
02:09:20.0145 0x03bc  [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus          C:\WINDOWS\System32\drivers\sdbus.sys
02:09:20.0151 0x03bc  sdbus - ok


Faru 02.04.2015 01:43

Code:

02:09:30.0786 0x03bc  SunJavaUpdateSched - ok
02:09:30.0944 0x03bc  [ 32E6162E6DD6D25EEA08F926151F22F6, 0160C1738C79DAC3D7C3C72B5B00D08570B3D6051E171C9978EA8D55A528CE5E ] C:\Program Files (x86)\Steam\steam.exe
02:09:30.0981 0x03bc  Steam - ok
02:09:31.0095 0x03bc  UPNP Service - ok
02:09:31.0095 0x03bc  Waiting for KSN requests completion. In queue: 125
02:09:32.0096 0x03bc  Waiting for KSN requests completion. In queue: 125
02:09:33.0097 0x03bc  Waiting for KSN requests completion. In queue: 125
02:09:34.0140 0x03bc  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated )
02:09:34.0142 0x03bc  Win FW state via NFP2: enabled
02:09:36.0493 0x03bc  ============================================================
02:09:36.0493 0x03bc  Scan finished
02:09:36.0493 0x03bc  ============================================================
02:09:36.0500 0x083c  Detected object count: 0
02:09:36.0500 0x083c  Actual detected object count: 0
02:10:49.0702 0x0bb8  ============================================================
02:10:49.0702 0x0bb8  Scan started
02:10:49.0702 0x0bb8  Mode: Manual;
02:10:49.0702 0x0bb8  ============================================================
02:10:49.0702 0x0bb8  KSN ping started
02:10:52.0017 0x0bb8  KSN ping finished: true
02:10:58.0603 0x0bb8  ================ Scan system memory ========================
02:10:58.0604 0x0bb8  System memory - ok
02:10:58.0604 0x0bb8  ================ Scan services =============================
02:11:08.0164 0x0bb8  iaStorA - ok
02:11:08.0259 0x0bb8  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
02:11:08.0279 0x0bb8  iaStorAV - ok
02:11:08.0347 0x0bb8  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV        C:\WINDOWS\system32\drivers\iaStorV.sys
02:11:08.0364 0x0bb8  iaStorV - ok
02:11:08.0627 0x0bb8  [ ACD1812E8A531E1CEA09BA3991371E48, 87CAE32D26A36B0AEF8EC884CDFE3E6A572C9330206E004BD63423ED00BB5A62 ] IconMan_R      C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
02:11:08.0659 0x0bb8  IconMan_R - ok
02:11:08.0664 0x0bb8  IEEtwCollectorService - ok
02:11:08.0856 0x0bb8  [ 09F8023A17EE9EB0897A1B195428192B, 2DF018A24766E32E16F4B4FA9DA3D095BA42702B6869D4D1624A5EBF83805AF2 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
02:11:08.0919 0x0bb8  igfx - ok
02:11:08.0996 0x0bb8  [ F64E1962751A6DAA3FBB6210D6751E22, 972046FB7F0B443F9251F2F5B4AF0F8BAC2046B3EA295428BC888AAA568EC737 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
02:11:09.0015 0x0bb8  igfxCUIService1.0.0.0 - ok
02:11:09.0115 0x0bb8  [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
02:11:09.0136 0x0bb8  IKEEXT - ok
02:11:09.0159 0x0bb8  [ CF25067821BB89E87021E9493C178863, 1AA25378EFD977BC6CD9405A395FA2962770385FAB5A9A55FC95B5F6DFD8D1AE ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
02:11:09.0160 0x0bb8  intaud_WaveExtensible - ok
02:11:09.0452 0x0bb8  [ 7D7711B0F972C73AE46105B42092D82E, AC66AE06B65C03BCEE2FF90732B13B651862382CDFEE85A6B5497DF3A2FF75A2 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
02:11:09.0496 0x0bb8  IntcAzAudAddService - ok
02:11:09.0630 0x0bb8  [ 0E0B99617ED3FDB6C5F0E2D62709B5DF, A656CA3A60E62BE16A015150B23136CE150F9876B4035E9E8D8E73D1707B37A4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
02:11:09.0643 0x0bb8  IntcDAud - ok
02:11:09.0839 0x0bb8  [ C6128F2E3DC6156C6F8828F9F1B96010, 612C1191AFB8F69BA5634E8C52BDDE608F57D98FA4C76C5A337676A5F1E8191D ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
02:11:09.0854 0x0bb8  Intel(R) Capability Licensing Service Interface - ok
02:11:10.0021 0x0bb8  [ 729AB4F0608E95EFF8FDEF23596283E2, 62A2091FF440C65505AB3E38436A86D9B0978BCB9485960EFCE0C5CBC8E06201 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
02:11:10.0039 0x0bb8  Intel(R) Capability Licensing Service TCP IP Interface - ok
02:11:10.0093 0x0bb8  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
02:11:10.0093 0x0bb8  intelide - ok
02:11:10.0146 0x0bb8  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
02:11:10.0149 0x0bb8  intelpep - ok
02:11:10.0194 0x0bb8  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
02:11:10.0200 0x0bb8  intelppm - ok
02:11:10.0239 0x0bb8  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
02:11:10.0244 0x0bb8  IpFilterDriver - ok
02:11:10.0404 0x0bb8  [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
02:11:10.0424 0x0bb8  iphlpsvc - ok
02:11:10.0464 0x0bb8  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV        C:\WINDOWS\System32\drivers\IPMIDrv.sys
02:11:10.0466 0x0bb8  IPMIDRV - ok
02:11:10.0507 0x0bb8  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT          C:\WINDOWS\system32\drivers\ipnat.sys
02:11:10.0509 0x0bb8  IPNAT - ok
02:11:10.0576 0x0bb8  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
02:11:10.0578 0x0bb8  IRENUM - ok
02:11:10.0609 0x0bb8  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
02:11:10.0611 0x0bb8  isapnp - ok
02:11:10.0702 0x0bb8  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
02:11:10.0708 0x0bb8  iScsiPrt - ok
02:11:10.0781 0x0bb8  [ 2DB1E2AE4A0DE62026296F0A6C29F3F5, A5A3D4D5BF9FF1DB5AC3BE15699B52707C8EB71EFA8FA82E7AE7A0C52C224380 ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
02:11:10.0784 0x0bb8  iwdbus - ok
02:11:10.0963 0x0bb8  [ A326E83B46820EF62F7F0BA17A9DA542, 1CC6564B100517E62E7BACAC142F8B0C6B1800F16D9A25D95E9AA2C2CEC0E54B ] jhi_service    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
02:11:10.0971 0x0bb8  jhi_service - ok
02:11:11.0088 0x0bb8  [ 45369E037410609D769852A1CE46A184, 752BE7BB167E602CD89D52E3A4382AF7C75033306E31884EC55872EF7A0A3EE2 ] k57nd60a        C:\WINDOWS\system32\DRIVERS\k57nd60a.sys
02:11:11.0094 0x0bb8  k57nd60a - ok
02:11:11.0150 0x0bb8  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
02:11:11.0151 0x0bb8  kbdclass - ok
02:11:11.0189 0x0bb8  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
02:11:11.0190 0x0bb8  kbdhid - ok
02:11:11.0196 0x0bb8  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic          C:\WINDOWS\system32\DRIVERS\kdnic.sys
02:11:11.0196 0x0bb8  kdnic - ok
02:11:11.0244 0x0bb8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\WINDOWS\system32\lsass.exe
02:11:11.0245 0x0bb8  KeyIso - ok
02:11:11.0282 0x0bb8  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
02:11:11.0284 0x0bb8  KSecDD - ok
02:11:11.0378 0x0bb8  [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg        C:\WINDOWS\system32\Drivers\ksecpkg.sys
02:11:11.0381 0x0bb8  KSecPkg - ok
02:11:11.0415 0x0bb8  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk        C:\WINDOWS\system32\drivers\ksthunk.sys
02:11:11.0425 0x0bb8  ksthunk - ok
02:11:11.0515 0x0bb8  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm          C:\WINDOWS\system32\msdtckrm.dll
02:11:11.0521 0x0bb8  KtmRm - ok
02:11:11.0631 0x0bb8  [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
02:11:11.0637 0x0bb8  LanmanServer - ok
02:11:11.0789 0x0bb8  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
02:11:11.0808 0x0bb8  LanmanWorkstation - ok
02:11:11.0978 0x0bb8  [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc          C:\WINDOWS\System32\GeofenceMonitorService.dll
02:11:11.0986 0x0bb8  lfsvc - ok
02:11:12.0021 0x0bb8  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
02:11:12.0022 0x0bb8  lltdio - ok
02:11:12.0116 0x0bb8  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc        C:\WINDOWS\System32\lltdsvc.dll
02:11:12.0124 0x0bb8  lltdsvc - ok
02:11:12.0179 0x0bb8  [ 95DD1E89A772A383E0FDC677A2E2ED44, 94701ACC1F4D5422CB7084609BC25D34A05F68829DB5030AA6697BD7DBC3B0B2 ] LMDriver        C:\WINDOWS\System32\drivers\LMDriver.sys
02:11:12.0197 0x0bb8  LMDriver - ok
02:11:12.0277 0x0bb8  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts        C:\WINDOWS\System32\lmhsvc.dll
02:11:12.0282 0x0bb8  lmhosts - ok
02:11:12.0434 0x0bb8  [ 70C1B686CA9083970484DDDED4426A08, AA19295AC97EBE36E9CED4B162CBF1EEF4916B02FDA6255ACEF0492E79E94C64 ] LMS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
02:11:12.0442 0x0bb8  LMS - ok
02:11:12.0601 0x0bb8  [ E1A37D1BF2F57345D078C324693F6A38, 99EF79344DB7EB1EBCABA716112FD23A350574BD67C451F421207E5341704504 ] LMSvc          C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
02:11:12.0616 0x0bb8  LMSvc - ok
02:11:12.0659 0x0bb8  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS        C:\WINDOWS\system32\drivers\lsi_sas.sys
02:11:12.0661 0x0bb8  LSI_SAS - ok
02:11:12.0760 0x0bb8  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
02:11:12.0762 0x0bb8  LSI_SAS2 - ok
02:11:12.0791 0x0bb8  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
02:11:12.0793 0x0bb8  LSI_SAS3 - ok
02:11:12.0861 0x0bb8  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS        C:\WINDOWS\system32\drivers\lsi_sss.sys
02:11:12.0864 0x0bb8  LSI_SSS - ok
02:11:13.0062 0x0bb8  [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM            C:\WINDOWS\System32\lsm.dll
02:11:13.0073 0x0bb8  LSM - ok
02:11:13.0146 0x0bb8  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv          C:\WINDOWS\system32\drivers\luafv.sys
02:11:13.0148 0x0bb8  luafv - ok
02:11:13.0310 0x0bb8  [ 0307CF4184F4F22DB75F36ACCCEF7ED1, 32EAC5DADDD70175EA7AD4FC0A8624BECB138B9ED9E66AF74AC4A06EEB3EB4B7 ] mbamchameleon  C:\WINDOWS\system32\drivers\mbamchameleon.sys
02:11:13.0316 0x0bb8  mbamchameleon - ok
02:11:13.0367 0x0bb8  [ CF12E148C6FC151335B7D7FE03F1C7A2, 7087DF6D884AF0A57AC22D7AE9C2903913AAB4CE52D19666B6513C3D5706E43C ] MBAMProtector  C:\WINDOWS\system32\drivers\mbam.sys
02:11:13.0370 0x0bb8  MBAMProtector - ok
02:11:13.0800 0x0bb8  [ E27891A49DF92004041FEC5C3A2D4230, A4679A1F10F84935875E35A83FC7075499B8F4CBB543209A38C0D946347CD264 ] MBAMService    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
02:11:13.0821 0x0bb8  MBAMService - ok
02:11:13.0895 0x0bb8  [ E9CD058C79EA15B4AA93E259FA713B07, 2B09F65188D8782F9C797545F2F791EC7EAB85D8914B2C0B30BD869C412E3980 ] MBAMSwissArmy  C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
02:11:13.0897 0x0bb8  MBAMSwissArmy - ok
02:11:13.0920 0x0bb8  [ 7FD0FDFB97D80B21195273C4C3810FE1, E1072821AB338F45740DE6CF7BDB7C676CC67AB4BFC2ACF78773ABB424152D2C ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
02:11:13.0921 0x0bb8  MBAMWebAccessControl - ok
02:11:14.0061 0x0bb8  [ 1704A8189EE5580AB147CFD25C5C8770, DFA076FD36B5CC844D4BE3B865E9A1F809E14CCB1D78D82A2D8D8EE38210E6EB ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
02:11:14.0076 0x0bb8  McComponentHostService - ok
02:11:14.0119 0x0bb8  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas        C:\WINDOWS\system32\drivers\megasas.sys
02:11:14.0121 0x0bb8  megasas - ok
02:11:14.0207 0x0bb8  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
02:11:14.0215 0x0bb8  megasr - ok
02:11:14.0266 0x0bb8  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
02:11:14.0270 0x0bb8  MEIx64 - ok
02:11:14.0305 0x0bb8  [ E97EE1F31F7E5349A06CE089658DA8A1, 8136155C734457E422331B3CBE67927C45FAB10B9B34789A612B58CF0E0E3BEC ] mfencrk        C:\WINDOWS\system32\DRIVERS\mfencrk.sys
02:11:14.0322 0x0bb8  mfencrk - ok
02:11:14.0367 0x0bb8  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS          C:\WINDOWS\system32\mmcss.dll
02:11:14.0373 0x0bb8  MMCSS - ok
02:11:14.0391 0x0bb8  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem          C:\WINDOWS\system32\drivers\modem.sys
02:11:14.0407 0x0bb8  Modem - ok
02:11:14.0473 0x0bb8  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor        C:\WINDOWS\System32\drivers\monitor.sys
02:11:14.0475 0x0bb8  monitor - ok
02:11:14.0508 0x0bb8  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
02:11:14.0510 0x0bb8  mouclass - ok
02:11:14.0530 0x0bb8  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
02:11:14.0532 0x0bb8  mouhid - ok
02:11:14.0699 0x0bb8  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
02:11:14.0703 0x0bb8  mountmgr - ok
02:11:14.0754 0x0bb8  [ 0A68B3E37961CEC327EED518F6D62530, EDEB16545ECDDEA2ADFF73E4DF3E9FD87E4B7126C8CFB037ABAF883D157103DE ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
02:11:14.0757 0x0bb8  MozillaMaintenance - ok
02:11:14.0775 0x0bb8  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
02:11:14.0776 0x0bb8  mpsdrv - ok
02:11:14.0879 0x0bb8  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
02:11:14.0891 0x0bb8  MpsSvc - ok
02:11:14.0922 0x0bb8  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
02:11:14.0924 0x0bb8  MRxDAV - ok
02:11:15.0041 0x0bb8  [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
02:11:15.0048 0x0bb8  mrxsmb - ok
02:11:15.0136 0x0bb8  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
02:11:15.0145 0x0bb8  mrxsmb10 - ok
02:11:15.0159 0x0bb8  [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
02:11:15.0164 0x0bb8  mrxsmb20 - ok
02:11:15.0227 0x0bb8  [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
02:11:15.0229 0x0bb8  MsBridge - ok
02:11:15.0274 0x0bb8  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC          C:\WINDOWS\System32\msdtc.exe
02:11:15.0277 0x0bb8  MSDTC - ok
02:11:15.0324 0x0bb8  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
02:11:15.0327 0x0bb8  Msfs - ok
02:11:15.0362 0x0bb8  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32    C:\WINDOWS\System32\drivers\msgpiowin32.sys
02:11:15.0364 0x0bb8  msgpiowin32 - ok
02:11:15.0379 0x0bb8  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf      C:\WINDOWS\System32\drivers\mshidkmdf.sys
02:11:15.0380 0x0bb8  mshidkmdf - ok
02:11:15.0403 0x0bb8  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf      C:\WINDOWS\System32\drivers\mshidumdf.sys
02:11:15.0403 0x0bb8  mshidumdf - ok
02:11:15.0416 0x0bb8  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
02:11:15.0417 0x0bb8  msisadrv - ok
02:11:15.0471 0x0bb8  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI        C:\WINDOWS\system32\iscsiexe.dll
02:11:15.0474 0x0bb8  MSiSCSI - ok
02:11:15.0477 0x0bb8  msiserver - ok
02:11:15.0519 0x0bb8  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV        C:\WINDOWS\system32\drivers\MSKSSRV.sys
02:11:15.0519 0x0bb8  MSKSSRV - ok
02:11:15.0552 0x0bb8  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
02:11:15.0553 0x0bb8  MsLldp - ok
02:11:15.0571 0x0bb8  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
02:11:15.0571 0x0bb8  MSPCLOCK - ok
02:11:15.0592 0x0bb8  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM          C:\WINDOWS\system32\drivers\MSPQM.sys
02:11:15.0594 0x0bb8  MSPQM - ok
02:11:15.0623 0x0bb8  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC          C:\WINDOWS\system32\drivers\MsRPC.sys
02:11:15.0628 0x0bb8  MsRPC - ok
02:11:15.0653 0x0bb8  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
02:11:15.0654 0x0bb8  mssmbios - ok
02:11:15.0668 0x0bb8  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE          C:\WINDOWS\system32\drivers\MSTEE.sys
02:11:15.0669 0x0bb8  MSTEE - ok
02:11:15.0696 0x0bb8  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
02:11:15.0697 0x0bb8  MTConfig - ok
02:11:15.0701 0x0bb8  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup            C:\WINDOWS\system32\Drivers\mup.sys
02:11:15.0702 0x0bb8  Mup - ok
02:11:15.0724 0x0bb8  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
02:11:15.0726 0x0bb8  mvumis - ok
02:11:15.0798 0x0bb8  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\WINDOWS\system32\qagentRT.dll
02:11:15.0809 0x0bb8  napagent - ok
02:11:15.0858 0x0bb8  [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP    C:\WINDOWS\system32\DRIVERS\nwifi.sys
02:11:15.0865 0x0bb8  NativeWifiP - ok
02:11:15.0971 0x0bb8  [ E0E4A1F81A7D69C595A8A9DDAD084C19, 8F55F3637AE8BFFB0ACE37AFC5122026525137E0B2923899B779C1BD08DF0E22 ] NAUpdate        c:\Program Files (x86)\Nero\Update\NASvc.exe
02:11:15.0982 0x0bb8  NAUpdate - ok
02:11:16.0038 0x0bb8  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
02:11:16.0042 0x0bb8  NcaSvc - ok
02:11:16.0053 0x0bb8  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
02:11:16.0056 0x0bb8  NcbService - ok
02:11:16.0087 0x0bb8  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
02:11:16.0089 0x0bb8  NcdAutoSetup - ok
02:11:16.0230 0x0bb8  [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
02:11:16.0246 0x0bb8  NDIS - ok
02:11:16.0272 0x0bb8  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap        C:\WINDOWS\system32\DRIVERS\ndiscap.sys
02:11:16.0273 0x0bb8  NdisCap - ok
02:11:16.0300 0x0bb8  [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
02:11:16.0302 0x0bb8  NdisImPlatform - ok
02:11:16.0330 0x0bb8  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
02:11:16.0331 0x0bb8  NdisTapi - ok
02:11:16.0355 0x0bb8  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio        C:\WINDOWS\system32\DRIVERS\ndisuio.sys
02:11:16.0357 0x0bb8  Ndisuio - ok
02:11:16.0386 0x0bb8  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
02:11:16.0394 0x0bb8  NdisVirtualBus - ok
02:11:16.0422 0x0bb8  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan        C:\WINDOWS\system32\DRIVERS\ndiswan.sys
02:11:16.0425 0x0bb8  NdisWan - ok
02:11:16.0439 0x0bb8  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy  C:\WINDOWS\system32\DRIVERS\ndiswan.sys
02:11:16.0442 0x0bb8  NdisWanLegacy - ok
02:11:16.0471 0x0bb8  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy        C:\WINDOWS\system32\drivers\NDProxy.sys
02:11:16.0473 0x0bb8  NDProxy - ok
02:11:16.0522 0x0bb8  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu            C:\WINDOWS\system32\drivers\Ndu.sys
02:11:16.0524 0x0bb8  Ndu - ok
02:11:16.0529 0x0bb8  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS        C:\WINDOWS\system32\DRIVERS\netbios.sys
02:11:16.0530 0x0bb8  NetBIOS - ok
02:11:16.0549 0x0bb8  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT          C:\WINDOWS\system32\DRIVERS\netbt.sys
02:11:16.0553 0x0bb8  NetBT - ok
02:11:16.0567 0x0bb8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
02:11:16.0569 0x0bb8  Netlogon - ok
02:11:16.0614 0x0bb8  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\WINDOWS\System32\netman.dll
02:11:16.0618 0x0bb8  Netman - ok
02:11:16.0688 0x0bb8  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
02:11:16.0696 0x0bb8  netprofm - ok
02:11:16.0771 0x0bb8  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:11:16.0774 0x0bb8  NetTcpPortSharing - ok
02:11:16.0802 0x0bb8  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
02:11:16.0804 0x0bb8  netvsc - ok
02:11:16.0874 0x0bb8  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
02:11:16.0888 0x0bb8  NlaSvc - ok
02:11:16.0902 0x0bb8  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
02:11:16.0904 0x0bb8  Npfs - ok
02:11:16.0912 0x0bb8  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig      C:\WINDOWS\System32\drivers\npsvctrig.sys
02:11:16.0913 0x0bb8  npsvctrig - ok
02:11:16.0959 0x0bb8  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi            C:\WINDOWS\system32\nsisvc.dll
02:11:16.0964 0x0bb8  nsi - ok
02:11:16.0986 0x0bb8  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
02:11:16.0988 0x0bb8  nsiproxy - ok
02:11:17.0128 0x0bb8  [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
02:11:17.0154 0x0bb8  Ntfs - ok
02:11:17.0177 0x0bb8  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
02:11:17.0178 0x0bb8  Null - ok
02:11:17.0680 0x0bb8  [ 7F58A8A5F208557F1FF8D7F45D5811DB, D9999DAD9BBBC907C8633AD08D90E40D861E9941A74CCF3C6183C9E220FEA0E9 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
02:11:17.0821 0x0bb8  nvlddmkm - ok
02:11:17.0978 0x0bb8  [ EC4F787905DC5753C46A4C05CEBADF45, 334E7E277A6FDABD91108DC4FE0D861DE6C00616CCFDC5E2D390CDDED62AF5D5 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
02:11:18.0005 0x0bb8  NvNetworkService - ok
02:11:18.0027 0x0bb8  [ BA17213DA758C56F3834FDF01BF22B4C, E162888B50FEDF96A02DF84E0BAF3F23EA4E4F2BD231DB3ACF4C4B40A5F566A8 ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
02:11:18.0028 0x0bb8  nvpciflt - ok
02:11:18.0055 0x0bb8  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
02:11:18.0057 0x0bb8  nvraid - ok
02:11:18.0077 0x0bb8  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
02:11:18.0080 0x0bb8  nvstor - ok
02:11:18.0129 0x0bb8  [ D92F4ED189C8207D0274B8B6BB494892, 8F7656662D3F26BE51AED9B7368278B18915F98A627E70021F914016BF3E22DB ] NvStreamKms    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
02:11:18.0129 0x0bb8  NvStreamKms - ok
02:11:18.0147 0x0bb8  NvStreamSvc - ok
02:11:18.0238 0x0bb8  [ 806069C408AE736E2182D2FF6C2FA8EE, 9C2D2309C4F4135772C53C10C7442BCA362657B062177B20C2F00DC2137E8362 ] nvsvc          C:\WINDOWS\system32\nvvsvc.exe
02:11:18.0251 0x0bb8  nvsvc - ok
02:11:18.0281 0x0bb8  [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
02:11:18.0282 0x0bb8  nvvad_WaveExtensible - ok


Faru 02.04.2015 01:47

Code:

02:11:27.0328 0x0bb8  WbioSrvc - ok
02:11:27.0380 0x0bb8  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
02:11:27.0386 0x0bb8  Wcmsvc - ok
02:11:27.0430 0x0bb8  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc        C:\WINDOWS\System32\wcncsvc.dll
02:11:27.0437 0x0bb8  wcncsvc - ok
02:11:27.0449 0x0bb8  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
02:11:27.0451 0x0bb8  WcsPlugInService - ok
02:11:27.0487 0x0bb8  [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
02:11:27.0488 0x0bb8  WdBoot - ok
02:11:27.0598 0x0bb8  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
02:11:27.0615 0x0bb8  Wdf01000 - ok
02:11:27.0683 0x0bb8  [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
02:11:27.0690 0x0bb8  WdFilter - ok
02:11:27.0728 0x0bb8  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
02:11:27.0731 0x0bb8  WdiServiceHost - ok
02:11:27.0743 0x0bb8  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost  C:\WINDOWS\system32\wdi.dll
02:11:27.0746 0x0bb8  WdiSystemHost - ok
02:11:27.0773 0x0bb8  [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
02:11:27.0775 0x0bb8  WdNisDrv - ok
02:11:27.0809 0x0bb8  WdNisSvc - ok
02:11:27.0856 0x0bb8  [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient      C:\WINDOWS\System32\webclnt.dll
02:11:27.0860 0x0bb8  WebClient - ok
02:11:27.0872 0x0bb8  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
02:11:27.0876 0x0bb8  Wecsvc - ok
02:11:27.0900 0x0bb8  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
02:11:27.0902 0x0bb8  WEPHOSTSVC - ok
02:11:27.0929 0x0bb8  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport  C:\WINDOWS\System32\wercplsupport.dll
02:11:27.0933 0x0bb8  wercplsupport - ok
02:11:27.0950 0x0bb8  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
02:11:27.0953 0x0bb8  WerSvc - ok
02:11:27.0996 0x0bb8  [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS        C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
02:11:27.0998 0x0bb8  WFPLWFS - ok
02:11:28.0048 0x0bb8  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
02:11:28.0057 0x0bb8  WiaRpc - ok
02:11:28.0099 0x0bb8  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
02:11:28.0108 0x0bb8  WIMMount - ok
02:11:28.0110 0x0bb8  WinDefend - ok
02:11:28.0178 0x0bb8  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
02:11:28.0196 0x0bb8  WinHttpAutoProxySvc - ok
02:11:28.0286 0x0bb8  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt        C:\WINDOWS\system32\wbem\WMIsvc.dll
02:11:28.0294 0x0bb8  Winmgmt - ok
02:11:28.0422 0x0bb8  [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM          C:\WINDOWS\system32\WsmSvc.dll
02:11:28.0458 0x0bb8  WinRM - ok
02:11:28.0527 0x0bb8  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\system32\DRIVERS\WinUsb.sys
02:11:28.0531 0x0bb8  WinUsb - ok
02:11:28.0706 0x0bb8  [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc        C:\WINDOWS\System32\wlansvc.dll
02:11:28.0729 0x0bb8  WlanSvc - ok
02:11:28.0835 0x0bb8  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc        C:\WINDOWS\system32\wlidsvc.dll
02:11:28.0862 0x0bb8  wlidsvc - ok
02:11:28.0903 0x0bb8  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi        C:\WINDOWS\System32\drivers\wmiacpi.sys
02:11:28.0904 0x0bb8  WmiAcpi - ok
02:11:28.0941 0x0bb8  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
02:11:28.0945 0x0bb8  wmiApSrv - ok
02:11:28.0996 0x0bb8  WMPNetworkSvc - ok
02:11:29.0085 0x0bb8  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof            C:\WINDOWS\system32\drivers\Wof.sys
02:11:29.0090 0x0bb8  Wof - ok
02:11:29.0243 0x0bb8  [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
02:11:29.0266 0x0bb8  workfolderssvc - ok
02:11:29.0324 0x0bb8  [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr        C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
02:11:29.0328 0x0bb8  wpcfltr - ok
02:11:29.0349 0x0bb8  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
02:11:29.0352 0x0bb8  WPCSvc - ok
02:11:29.0393 0x0bb8  [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
02:11:29.0396 0x0bb8  WPDBusEnum - ok
02:11:29.0406 0x0bb8  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr      C:\WINDOWS\system32\drivers\WpdUpFltr.sys
02:11:29.0407 0x0bb8  WpdUpFltr - ok
02:11:29.0453 0x0bb8  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl        C:\WINDOWS\system32\drivers\ws2ifsl.sys
02:11:29.0454 0x0bb8  ws2ifsl - ok
02:11:29.0475 0x0bb8  [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
02:11:29.0479 0x0bb8  wscsvc - ok
02:11:29.0482 0x0bb8  WSearch - ok
02:11:29.0693 0x0bb8  [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService      C:\WINDOWS\System32\WSService.dll
02:11:29.0739 0x0bb8  WSService - ok
02:11:29.0792 0x0bb8  [ 0ECE1883160759330E896B82A9EBB70B, 6D35A50C80F1A5329D2C575B3FD2C3EEF43992CFA48F9EA6F559D16B9A9502C5 ] WTGService      C:\Program Files (x86)\3DataManager\WTGService.exe
02:11:29.0796 0x0bb8  WTGService - ok
02:11:30.0023 0x0bb8  [ DCD090318EC800CF6275C6835900B0C6, 9E72762EEE46CC0606B909850E6D22E9C8E5C88E82F7C974B2B7C1E5160BEBA7 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
02:11:30.0071 0x0bb8  wuauserv - ok
02:11:30.0101 0x0bb8  [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
02:11:30.0103 0x0bb8  WudfPf - ok
02:11:30.0154 0x0bb8  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
02:11:30.0166 0x0bb8  WUDFRd - ok
02:11:30.0179 0x0bb8  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFSensorLP    C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
02:11:30.0184 0x0bb8  WUDFSensorLP - ok
02:11:30.0218 0x0bb8  [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc        C:\WINDOWS\System32\WUDFSvc.dll
02:11:30.0222 0x0bb8  wudfsvc - ok
02:11:30.0231 0x0bb8  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
02:11:30.0237 0x0bb8  WUDFWpdFs - ok
02:11:30.0245 0x0bb8  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
02:11:30.0250 0x0bb8  WUDFWpdMtp - ok
02:11:30.0323 0x0bb8  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc        C:\WINDOWS\System32\wwansvc.dll
02:11:30.0342 0x0bb8  WwanSvc - ok
02:11:30.0355 0x0bb8  ================ Scan global ===============================
02:11:30.0480 0x0bb8  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
02:11:30.0525 0x0bb8  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll
02:11:30.0577 0x0bb8  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
02:11:30.0603 0x0bb8  [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\WINDOWS\system32\services.exe
02:11:30.0609 0x0bb8  [ Global ] - ok
02:11:30.0610 0x0bb8  ================ Scan MBR ==================================
02:11:30.0641 0x0bb8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
02:11:30.0685 0x0bb8  \Device\Harddisk0\DR0 - ok
02:11:30.0685 0x0bb8  ================ Scan VBR ==================================
02:11:30.0693 0x0bb8  [ 79E05C9584EA03BB3C868BC23A07698E ] \Device\Harddisk0\DR0\Partition1
02:11:30.0700 0x0bb8  \Device\Harddisk0\DR0\Partition1 - ok
02:11:30.0714 0x0bb8  [ 9142B71EFBDC0FB443F0D55B8E416149 ] \Device\Harddisk0\DR0\Partition2
02:11:30.0725 0x0bb8  \Device\Harddisk0\DR0\Partition2 - ok
02:11:30.0739 0x0bb8  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
02:11:30.0745 0x0bb8  \Device\Harddisk0\DR0\Partition3 - ok
02:11:30.0773 0x0bb8  [ C28B69D5EB29E643F9419574F7D1077A ] \Device\Harddisk0\DR0\Partition4
02:11:30.0844 0x0bb8  \Device\Harddisk0\DR0\Partition4 - ok
02:11:30.0875 0x0bb8  [ 13E888D9B6C5EEF316B4FE5CFB06828D ] \Device\Harddisk0\DR0\Partition5
02:11:30.0988 0x0bb8  \Device\Harddisk0\DR0\Partition5 - ok
02:11:31.0030 0x0bb8  [ D6FF1BD3BB12C448ED05C6FA9A038F40 ] \Device\Harddisk0\DR0\Partition6
02:11:31.0048 0x0bb8  \Device\Harddisk0\DR0\Partition6 - ok
02:11:31.0048 0x0bb8  ================ Scan generic autorun ======================
02:11:31.0765 0x0bb8  [ 6DDA13FB28B620FEE52E0E616F4E7B70, 8C75E17E2C0C81BA3D1660ACB73591C181C3BD15237DF3A2E9734A7FF365C16A ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
02:11:31.0935 0x0bb8  RtHDVCpl - ok
02:11:32.0063 0x0bb8  [ 45D629AAF007A0DED6689A7A031D2AC7, DD10DEA927A2CC16EE38765DD1DE45E88288C09923DC14A95C1C6E457D535BCC ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
02:11:32.0080 0x0bb8  RtHDVBg_Dolby - ok
02:11:32.0081 0x0bb8  ETDCtrl - ok
02:11:32.0142 0x0bb8  [ F81335DDF58DE487446438A5CBBC782F, E0C2350547B4B66C709679551177188C31E134E019011A703CAB39F9172731BC ] C:\Windows\system32\igfxtray.exe
02:11:32.0157 0x0bb8  IgfxTray - ok
02:11:32.0159 0x0bb8  HotKeysCmds - ok
02:11:32.0160 0x0bb8  Persistence - ok
02:11:32.0303 0x0bb8  [ 1F441326CD77B3F1532D487004B180FF, FD2FE6EECE1EF99F800DAF7B0C825C94FACE4C6D5806A2335B4D3C41F1E87F7F ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
02:11:32.0336 0x0bb8  NvBackend - ok
02:11:32.0360 0x0bb8  [ 6E0BDFBEEED65B017F2E4C2C910B0520, 54D798C2E2804DCDB84E9650EA4A032C669B10C586B396D5505F16235D83882C ] C:\WINDOWS\system32\rundll32.exe
02:11:32.0362 0x0bb8  ShadowPlay - ok
02:11:32.0452 0x0bb8  [ 9153F2335BCDB87F41559CF066223BF9, C0F89F9A63B1F49F007A971F5180128EC0AFBBBF7CFA82CA1FA44CB9DB5F8BB3 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
02:11:32.0458 0x0bb8  SunJavaUpdateSched - ok
02:11:32.0745 0x0bb8  [ 32E6162E6DD6D25EEA08F926151F22F6, 0160C1738C79DAC3D7C3C72B5B00D08570B3D6051E171C9978EA8D55A528CE5E ] C:\Program Files (x86)\Steam\steam.exe
02:11:32.0782 0x0bb8  Steam - ok
02:11:32.0918 0x0bb8  UPNP Service - ok
02:11:32.0922 0x0bb8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated )
02:11:32.0923 0x0bb8  Win FW state via NFP2: enabled
02:11:35.0276 0x0bb8  ============================================================
02:11:35.0276 0x0bb8  Scan finished
02:11:35.0276 0x0bb8  ============================================================
02:11:35.0281 0x129c  Detected object count: 0
02:11:35.0281 0x129c  Actual detected object count: 0
02:13:15.0516 0x089c  Deinitialize success

Code:

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.04.01.11
  rootkit: v2015.03.31.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17690
Sebi :: PC-SEBI [administrator]

02.04.2015 00:19:48
mbar-log-2015-04-02 (00-19-48).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 377516
Time elapsed: 21 minute(s), 56 second(s)

Memory Processes Detected: 3
C:\Users\Sebi\AppData\Local\Temp\svhost.exe (Heuristics.Reserved.Word.Exploit) -> 52772 -> Delete on reboot. [0b642a3d2e5ce94d159e0163788c08f8]
C:\Users\Sebi\AppData\Roaming\svhost.exe (Trojan.Dropper) -> 53860 -> Delete on reboot. [016eb3b4c2c82115258f00c642c21ee2]
C:\Users\Sebi\AppData\Roaming\svhost.exe (Trojan.Dropper) -> 62160 -> Delete on reboot. [016eb3b4c2c82115258f00c642c21ee2]

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\SOFTWARE\DC3_FEXEC (Malware.Trace) -> Delete on reboot. [5e11d88f157593a3254e2983f21229d7]

Registry Values Detected: 2
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|a3a5a2e080e121e467a75d823c0022bf (Trojan.Dropper) -> Data: "C:\Users\Sebi\AppData\Roaming\svhost.exe" .. -> Delete on reboot. [016eb3b4c2c82115258f00c642c21ee2]
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Shell (Hijack.ShellA.Gen) -> Data: C:\Users\Sebi\AppData\Local\Temp\FolderName\file.exe -> Delete on reboot. [a1cecb9cb1d981b5f2e7596817ec1ae6]

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Users\Sebi\AppData\Roaming\dclogs (Stolen.Data) -> Delete on reboot. [cba47bec7812b77fb15ea635e51f629e]

Files Detected: 6
C:\Users\Sebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\a3a5a2e080e121e467a75d823c0022bf.exe (Trojan.MSIL.GenX) -> Delete on reboot. [77f8a7c0563492a4b99187a28c75d828]
C:\Users\Sebi\AppData\Local\Temp\svhost.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot. [0b642a3d2e5ce94d159e0163788c08f8]
C:\Users\Sebi\AppData\Roaming\svhost.exe (Trojan.Dropper) -> Delete on reboot. [016eb3b4c2c82115258f00c642c21ee2]
C:\Users\Sebi\AppData\Roaming\dclogs\2015-03-31-3.dc (Stolen.Data) -> Delete on reboot. [cba47bec7812b77fb15ea635e51f629e]
C:\Users\Sebi\AppData\Roaming\dclogs\2015-04-01-4.dc (Stolen.Data) -> Delete on reboot. [cba47bec7812b77fb15ea635e51f629e]
C:\Users\Sebi\AppData\Local\Temp\FolderName\file.exe (Trojan.Agent.E) -> Delete on reboot. [09662a3d6624fe385f9bd76d9e67f010]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.04.01.11
  rootkit: v2015.03.31.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17690
Sebi :: PC-SEBI [administrator]

02.04.2015 02:08:45
mbar-log-2015-04-02 (02-08-45).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 377146
Time elapsed: 23 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)


schrauber 02.04.2015 19:54

I wonder what you're up to.....


Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


Faru 02.04.2015 22:08

Combofix is on the desktop, but I'm told that my system (Windows8.1) is not supported ???

schrauber 03.04.2015 13:32

My mistake.

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan, and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if required to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Agree to the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts that appear with OK.
  • Your computer will restart automatically. After the restart, a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool is finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please. Then we'll take out the rest in one fix.

Faru 05.04.2015 22:29

Code:

# AdwCleaner v4.200 - Bericht erstellt 05/04/2015 um 23:15:19
# Aktualisiert 29/03/2015 von Xplode
# Datenbank : 2015-03-29.1 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Sebi - PC-SEBI
# Gestarted von : C:\Users\Sebi\Downloads\adwcleaner_4.200.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\a3a5a2e080e121e467a75d823c0022bf

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v37.0.1 (x86 de)


*************************

AdwCleaner[R0].txt - [1747 Bytes] - [27/03/2015 20:05:13]
AdwCleaner[R1].txt - [1806 Bytes] - [27/03/2015 20:28:48]
AdwCleaner[R2].txt - [1012 Bytes] - [05/04/2015 23:14:07]
AdwCleaner[S0].txt - [1461 Bytes] - [27/03/2015 20:30:01]
AdwCleaner[S1].txt - [934 Bytes] - [05/04/2015 23:15:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [992  Bytes] ##########

Code:

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 04.04.2015
Suchlauf-Zeit: 17:04:47
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.4.1018
Malware Datenbank: v2015.04.04.04
Rootkit Datenbank: v2015.03.31.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Sebi

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 370441
Verstrichene Zeit: 20 Min, 30 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.1 (04.02.2015:1)
OS: Windows 8.1 x64
Ran by Sebi on 05.04.2015 at 23:27:21,93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.04.2015 at 23:28:44,65
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


schrauber 06.04.2015 13:53


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Locate C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

and a fresh FRST log please. Any problems left? :)

Faru 07.04.2015 03:16

Code:

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=25c34f5fa725524082cecb317383bc1c
# engine=23256
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-04-07 02:08:53
# local_time=2015-04-07 04:08:53 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 1792588 9762921 0 0
# scanned=256770
# found=32
# cleaned=32
# scan_time=4043
sh=E733604036E3B6E86FD74668E58E203048746E0B ft=1 fh=b726058448fbbdee vn="Variante von MSIL/Injector.IPN Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\AppData\Local\Temp\tmp1287.tmp.exe.xBAD"
sh=889D307816E30CC9FFBAEE2794F21674D36FAC30 ft=1 fh=f0bf304c91557728 vn="Variante von MSIL/Injector.IQT Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\AppData\Local\Temp\tmp130F.tmp.exe.xBAD"
sh=3009A2B7655DC6F4E5D4CDF63E4EF126B557204E ft=1 fh=e62ccb017365c528 vn="Variante von MSIL/Injector.IQT Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\AppData\Local\Temp\tmp1426.tmp.exe.xBAD"
sh=7BB468C8EDE71A8CB1D8A49236DAC46827466A21 ft=1 fh=a3f565d065d6e44b vn="Variante von MSIL/Injector.IPN Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\AppData\Local\Temp\tmp18CD.tmp.exe.xBAD"
sh=2EFD59DE2B15D879C66D2E9CD49BCE27BBCD8138 ft=1 fh=c1d4fb6b9a26dfe2 vn="Variante von MSIL/Injector.IPN Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\AppData\Local\Temp\tmp1C9D.tmp.exe.xBAD"
sh=1558564CC335E57B23D4C5203E449B3CD3C4894B ft=1 fh=404e1a1620f7676e vn="Variante von MSIL/Injector.IPN Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\AppData\Local\Temp\tmp296D.tmp.exe.xBAD"
sh=683C401E946BB8E5DC8B25F7135058CAE1BFE301 ft=1 fh=39b6037be75d7ade vn="Variante von MSIL/Injector.IRT Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\AppData\Local\Temp\tmp33FE.tmp.exe.xBAD"
sh=07EFFF4E8E108F7D9D48D2A1B3B63B447B868A34 ft=1 fh=ff32df62a84ac5a1 vn="Variante von MSIL/Injector.IQT Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\AppData\Local\Temp\tmp3E27.tmp.exe.xBAD"
sh=E1D054131BB6061FF8E3B296239F94EF17424840 ft=1 fh=a9bc4fa7183743e6 vn="Variante von MSIL/Injector.IPN Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\AppData\Local\Temp\tmp4F26.tmp.exe.xBAD"
sh=3009A2B7655DC6F4E5D4CDF63E4EF126B557204E ft=1 fh=e62ccb017365c528 vn="Variante von MSIL/Injector.IQT Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\AppData\Local\Temp\tmp559B.tmp.exe.xBAD"
sh=889D307816E30CC9FFBAEE2794F21674D36FAC30 ft=1 fh=f0bf304c91557728 vn="Variante von MSIL/Injector.IQT Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\AppData\Local\Temp\tmp7170.tmp.exe.xBAD"
sh=3009A2B7655DC6F4E5D4CDF63E4EF126B557204E ft=1 fh=e62ccb017365c528 vn="Variante von MSIL/Injector.IQT Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\AppData\Local\Temp\tmp8229.tmp.exe.xBAD"
sh=BB27E1987F5ECE427F744FCEE8257F0EF1B778E5 ft=1 fh=42cabba1a230262c vn="Variante von MSIL/Injector.IQT Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\AppData\Local\Temp\tmp8D7F.tmp.exe.xBAD"
sh=411C461A8EE9DD1095A9F5D6A3417A85D4615F70 ft=1 fh=c07ce4381c4f600b vn="Variante von MSIL/Injector.IPN Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\AppData\Local\Temp\tmp9105.tmp.exe.xBAD"
sh=47BC7E9FE949A4DDA33870F24BA409E682A39244 ft=1 fh=d60ea6bfb1b608e6 vn="Variante von MSIL/Injector.IPN Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\AppData\Local\Temp\tmpB934.tmp.exe.xBAD"
sh=47B19AB97028D8925579BED54EFEE88C8107D6B6 ft=1 fh=34f71966959b3eb8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\AppData\Local\Temp\DMR\dmr_72.exe.xBAD"
sh=E733604036E3B6E86FD74668E58E203048746E0B ft=1 fh=b726058448fbbdee vn="Variante von MSIL/Injector.IPN Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\AppData\Local\Temp\Window\svhost.exe.xBAD"
sh=1558564CC335E57B23D4C5203E449B3CD3C4894B ft=1 fh=404e1a1620f7676e vn="Variante von MSIL/Injector.IPN Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\upnpsvc.exe.xBAD"
sh=8D507068C29028AF285E01EF5C9A013B611F0739 ft=1 fh=5011d053f7708d88 vn="Variante von MSIL/Injector.IPN Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\AppData\Roaming\FolderName\file.exe.xBAD"
sh=8D507068C29028AF285E01EF5C9A013B611F0739 ft=1 fh=5011d053f7708d88 vn="Variante von MSIL/Injector.IPN Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\atidrv.exe.xBAD"
sh=8D507068C29028AF285E01EF5C9A013B611F0739 ft=1 fh=5011d053f7708d88 vn="Variante von MSIL/Injector.IPN Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\Esea(1).exe.xBAD"
sh=8D507068C29028AF285E01EF5C9A013B611F0739 ft=1 fh=5011d053f7708d88 vn="Variante von MSIL/Injector.IPN Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\Esea(2).exe.xBAD"
sh=889D307816E30CC9FFBAEE2794F21674D36FAC30 ft=1 fh=f0bf304c91557728 vn="Variante von MSIL/Injector.IQT Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\ESEA.exe.xBAD"
sh=72618C336491CC5771CFA8504F0BDC7AC5BED1B6 ft=1 fh=2766d1deed106adf vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe.xBAD"
sh=ACFE1154C7909A0DC5645116C5759C5AD1C12A8B ft=1 fh=c5f7c476020e0d08 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\Downloads\Paint NET - CHIP-Installer(1).exe.xBAD"
sh=E99FF3B133B16F984A270B1E800534CE506B74AA ft=1 fh=8937c30e40957c26 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\Users\Sebi\Downloads\Paint NET - CHIP-Installer.exe.xBAD"
sh=73641A8C58B423DF174902BE4C7D57145B4F4F21 ft=1 fh=74770ca0f35da89e vn="Variante von MSIL/Injector.IPN Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Sebi\AppData\Local\Temp\atidrv.exe"
sh=889D307816E30CC9FFBAEE2794F21674D36FAC30 ft=1 fh=f0bf304c91557728 vn="Variante von MSIL/Injector.IQT Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Sebi\AppData\Local\Temp\ESEA.exe"
sh=E864F3DE0CAD13C78F4C994002EB93A2EAA2584F ft=1 fh=8cbd4cc68c5763af vn="Variante von MSIL/Injector.IXB Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Sebi\AppData\Local\Temp\tmp2280.tmp.exe"
sh=A54C0FB1CBFB13BFE0C00AE937C1E72068195CDB ft=1 fh=de9cbc5ac1f935e0 vn="Variante von MSIL/Injector.IXB Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Sebi\AppData\Local\Temp\tmpF05C.tmp.exe"
sh=0236B39EF41661E20E061A57A16C84FFFE89AF4D ft=1 fh=568e0aec4bca3b24 vn="Variante von MSIL/Injector.IXB Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\446521406"
sh=A54C0FB1CBFB13BFE0C00AE937C1E72068195CDB ft=1 fh=de9cbc5ac1f935e0 vn="Variante von MSIL/Injector.IXB Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Sebi\AppData\Roaming\FolderName\file.exe"

With the security check I only get the message: UNSUPPORTED OPERATING SYSTEM! ABORTED!
:(

schrauber 07.04.2015 17:28

Ignore SecurityCheck, and please still do the rest from above :)

Faru 07.04.2015 18:14


FRST Logfile:
Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Sebi (administrator) on PC-SEBI on 07-04-2015 19:13:17
Running from C:\Users\Sebi\Downloads
Loaded Profiles: Sebi (Available profiles: Sebi)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
() C:\Program Files (x86)\3DataManager\WTGService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876304 2013-01-18] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [457616 2014-10-03] ()
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2015-01-06] (Razer Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] ( (Atheros Communications))
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888896 2015-03-24] (Valve Corporation)
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Run: [UPNP Service] => C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\upnpsvc.exe
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\MountPoints2: {3ef3322e-f63a-11e2-be6c-806e6f6e6963} - "D:\SETUP.EXE"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk
ShortcutTarget: Launcher.lnk -> C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2171534533-33094092-2416115179-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2171534533-33094092-2416115179-1002 -> {6C84E0BC-9872-4A8D-8BD9-601B5D96A660} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-01-25] (Qualcomm Atheros Commnucations)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} ->  No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Sebi\AppData\Roaming\Mozilla\Firefox\Profiles\qx7gcp5k.default
FF Homepage: https://www.google.at
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll [2014-11-28] (Reto-Moto ApS)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-22] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin HKU\S-1-5-21-2171534533-33094092-2416115179-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sebi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-01-26] (Unity Technologies ApS)
FF Extension: Adblock Plus - C:\Users\Sebi\AppData\Roaming\Mozilla\Firefox\Profiles\qx7gcp5k.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-11]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-30] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-15] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\3DataManager\WTGService.exe [343024 2012-07-05] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-24] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 rzdaendpt; C:\Windows\System32\drivers\rzdaendpt.sys [33448 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2014-12-10] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R3 rzvkeyboard; C:\Windows\System32\drivers\rzvkeyboard.sys [31912 2014-12-30] (Razer Inc)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-07 04:15 - 2015-04-07 04:15 - 00852607 _____ () C:\Users\Sebi\Desktop\SecurityCheck(1).exe
2015-04-07 02:59 - 2015-04-07 02:59 - 02347384 _____ (ESET) C:\Users\Sebi\Downloads\esetsmartinstaller_deu(1).exe
2015-04-06 15:10 - 2015-04-06 15:10 - 00000222 _____ () C:\Users\Sebi\Desktop\Star Wars Knights of the Old Republic II.url
2015-04-05 23:32 - 2015-04-05 23:32 - 00184195 _____ () C:\Users\Sebi\Downloads\Vorläufiger Arbeitsplan.xlsx
2015-04-05 23:27 - 2015-04-05 23:27 - 02690981 _____ (Thisisu) C:\Users\Sebi\Downloads\JRT(1).exe
2015-04-05 23:27 - 2015-04-05 23:27 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-PC-SEBI-Windows-8.1-(64-bit).dat
2015-04-05 23:27 - 2015-04-05 23:27 - 00000000 ____D () C:\RegBackup
2015-04-05 23:13 - 2015-04-05 23:13 - 02208768 _____ () C:\Users\Sebi\Downloads\adwcleaner_4.200.exe
2015-04-04 17:25 - 2015-04-04 17:28 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-04-04 17:25 - 2015-04-04 17:25 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-04-04 03:16 - 2015-04-04 03:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-02 02:08 - 2015-04-02 02:08 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2015-04-02 00:23 - 2015-04-02 00:23 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Sebi\Downloads\tdsskiller(1).exe
2015-04-02 00:14 - 2015-04-02 00:15 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Sebi\Downloads\mbar-1.09.1.1004(1).exe
2015-03-29 13:23 - 2015-03-29 13:23 - 00001619 _____ () C:\Users\Sebi\Downloads\Fixlist.txt
2015-03-28 14:57 - 2015-03-28 14:57 - 00852604 _____ () C:\Users\Sebi\Downloads\SecurityCheck.exe
2015-03-28 14:55 - 2015-03-28 14:55 - 02347384 _____ (ESET) C:\Users\Sebi\Downloads\esetsmartinstaller_deu.exe
2015-03-27 20:35 - 2015-03-27 20:35 - 01388782 _____ (Thisisu) C:\Users\Sebi\Downloads\JRT.exe
2015-03-27 20:04 - 2015-04-05 23:15 - 00000000 ____D () C:\AdwCleaner
2015-03-26 20:43 - 2015-03-26 20:44 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Sebi\Downloads\tdsskiller.exe
2015-03-26 20:40 - 2015-04-05 23:16 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-26 20:39 - 2015-03-26 20:39 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Sebi\Downloads\mbar-1.09.1.1004.exe
2015-03-26 16:06 - 2015-03-29 18:03 - 00032617 _____ () C:\Users\Sebi\Downloads\Addition.txt
2015-03-26 16:05 - 2015-04-07 19:13 - 00017995 _____ () C:\Users\Sebi\Downloads\FRST.txt
2015-03-26 16:05 - 2015-04-07 19:13 - 00000000 ____D () C:\FRST
2015-03-26 16:05 - 2015-03-26 16:05 - 02095616 _____ (Farbar) C:\Users\Sebi\Downloads\FRST64.exe
2015-03-25 21:48 - 2015-04-05 23:30 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-25 21:48 - 2015-04-02 02:08 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-25 21:48 - 2015-03-25 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-25 21:48 - 2015-03-25 21:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-25 21:48 - 2015-03-25 21:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-25 21:48 - 2015-03-17 07:15 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-03-25 21:48 - 2015-03-17 07:15 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-03-25 12:35 - 2015-03-11 04:38 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-03-24 14:09 - 2015-04-02 02:02 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4
2015-03-24 11:15 - 2015-03-24 11:15 - 01054912 _____ (Adobe) C:\Users\Sebi\Downloads\install_flashplayer17x32au_ltr5x64d_awc_aih.exe
2015-03-24 02:29 - 2015-03-31 01:18 - 00000000 __SHD () C:\Users\Sebi\AppData\Roaming\FolderName
2015-03-24 02:22 - 2015-03-24 02:22 - 00000000 ____D () C:\Users\Sebi\AppData\Local\Skype
2015-03-24 02:21 - 2015-03-28 16:32 - 00000000 ____D () C:\ProgramData\Skype
2015-03-24 02:21 - 2015-03-25 22:09 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\Skype
2015-03-24 02:20 - 2015-03-24 02:20 - 00003134 _____ () C:\WINDOWS\System32\Tasks\{99D679EF-1A1A-4D6A-8435-4AAA89B03323}
2015-03-19 22:08 - 2015-03-19 22:08 - 00000000 ____D () C:\Users\Sebi\Documents\Benutzerdefinierte Office-Vorlagen
2015-03-16 20:08 - 2015-03-16 20:08 - 00000222 _____ () C:\Users\Sebi\Desktop\South Park The Stick of Truth.url
2015-03-11 12:35 - 2015-02-04 01:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-03-11 12:35 - 2015-02-04 01:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-03-11 12:35 - 2015-01-27 05:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-03-11 12:35 - 2015-01-24 03:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-03-11 12:34 - 2015-03-06 04:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-11 12:34 - 2015-03-06 04:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-11 12:34 - 2015-02-26 01:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-11 12:34 - 2015-02-20 05:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-03-11 12:34 - 2015-02-20 04:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-03-11 12:34 - 2015-02-20 04:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-03-11 12:34 - 2015-02-20 04:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-03-11 12:34 - 2015-02-07 01:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-11 12:34 - 2015-02-06 03:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-03-11 12:34 - 2015-02-06 03:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-03-11 12:34 - 2015-02-05 22:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-03-11 12:34 - 2015-02-04 01:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-03-11 12:34 - 2015-02-03 01:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-03-11 12:34 - 2015-02-03 01:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-03-11 12:34 - 2015-01-31 01:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-03-11 12:34 - 2015-01-31 01:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-03-11 12:34 - 2015-01-30 05:01 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-03-11 12:34 - 2015-01-30 05:00 - 00167424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2015-03-11 12:34 - 2015-01-29 03:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-03-11 12:34 - 2015-01-29 03:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-03-11 12:34 - 2015-01-29 03:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-03-11 12:34 - 2015-01-29 03:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-03-11 12:34 - 2015-01-23 09:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-03-11 12:34 - 2015-01-23 07:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-03-11 12:34 - 2014-10-29 04:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-03-11 12:34 - 2014-10-29 04:46 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2015-03-11 12:34 - 2014-10-29 04:46 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2015-03-11 12:34 - 2014-10-29 04:45 - 01198080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-03-11 12:34 - 2014-10-29 04:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-03-11 12:34 - 2014-10-29 04:44 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-03-11 12:34 - 2014-10-29 04:43 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2015-03-11 12:34 - 2014-10-29 04:34 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-03-11 12:34 - 2014-10-29 04:04 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2015-03-11 12:34 - 2014-10-29 04:04 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-03-11 12:34 - 2014-10-29 04:03 - 00241152 ____C (Microsoft Corporation) C:\WINDOWS\system32\fsquirt.exe
2015-03-11 12:34 - 2014-10-29 04:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-03-11 12:34 - 2014-10-29 04:00 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-03-11 12:34 - 2014-10-29 03:58 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2015-03-11 12:34 - 2014-10-29 03:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2015-03-11 12:34 - 2014-10-29 03:51 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-03-11 12:34 - 2014-10-29 03:45 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2015-03-11 12:34 - 2014-10-29 03:28 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2015-03-11 12:34 - 2014-10-29 03:20 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-03-11 12:34 - 2014-10-29 03:15 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2015-03-11 12:34 - 2014-10-29 02:55 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2015-03-11 12:34 - 2014-10-29 02:44 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2015-03-11 12:34 - 2014-10-29 02:41 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2015-03-11 12:34 - 2014-10-29 02:35 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2015-03-11 12:33 - 2015-02-03 02:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-03-11 12:33 - 2015-02-03 02:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-11 12:33 - 2015-01-31 01:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-03-11 12:33 - 2015-01-30 04:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-03-11 12:33 - 2015-01-30 04:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-03-11 12:33 - 2015-01-30 04:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-03-11 12:33 - 2015-01-30 03:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-03-11 12:33 - 2015-01-30 03:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-03-11 12:33 - 2015-01-30 03:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-03-11 12:33 - 2015-01-30 03:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-03-11 12:33 - 2015-01-30 03:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-03-11 12:33 - 2015-01-30 03:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-03-11 12:33 - 2015-01-30 03:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-03-11 12:33 - 2015-01-30 03:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-03-11 12:33 - 2015-01-30 03:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-03-11 12:33 - 2015-01-30 03:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-03-11 12:33 - 2015-01-29 03:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 12:33 - 2015-01-29 03:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 12:33 - 2015-01-29 02:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-03-11 12:33 - 2015-01-29 02:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-03-11 12:33 - 2015-01-29 02:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-03-11 12:33 - 2015-01-29 02:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-03-11 12:33 - 2015-01-28 17:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-11 12:33 - 2015-01-28 17:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-11 12:33 - 2015-01-28 17:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-11 12:33 - 2015-01-28 04:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-11 12:33 - 2015-01-28 03:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-03-11 12:33 - 2015-01-27 06:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-03-11 12:33 - 2015-01-27 04:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-03-11 12:33 - 2014-10-29 05:56 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2015-03-11 12:33 - 2014-10-29 04:37 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2015-03-11 12:33 - 2014-10-29 04:34 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2015-03-11 12:33 - 2014-10-29 04:34 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2015-03-11 12:33 - 2014-10-29 03:28 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2015-03-11 12:33 - 2014-10-29 03:19 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2015-03-11 12:33 - 2014-10-29 03:13 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-03-11 12:33 - 2014-10-29 02:59 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2015-03-11 12:33 - 2014-10-29 02:55 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-11 12:30 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-11 12:30 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-11 12:30 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-11 12:30 - 2015-02-21 02:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-11 12:30 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-11 12:30 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-11 12:30 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-11 12:30 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-11 12:30 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-11 12:30 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-11 12:30 - 2015-02-20 04:35 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-11 12:30 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-03-11 12:30 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-11 12:30 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-11 12:30 - 2015-02-20 04:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-11 12:30 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-11 12:30 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-11 12:30 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-11 12:30 - 2015-02-20 03:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-11 12:30 - 2015-02-20 03:56 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-11 12:30 - 2015-02-20 03:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-11 12:30 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-11 12:30 - 2015-02-20 03:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-11 12:30 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-03-11 12:30 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-11 12:30 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-11 12:30 - 2015-02-20 03:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-11 12:30 - 2015-02-20 03:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-11 12:30 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-11 12:30 - 2015-02-20 03:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-11 12:30 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-11 12:30 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-11 12:30 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-11 12:30 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-11 12:30 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-11 12:30 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-11 12:30 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-11 12:29 - 2015-02-12 19:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-03-11 12:29 - 2015-02-12 19:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-03-11 12:29 - 2015-01-29 20:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-11 12:29 - 2015-01-29 20:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-11 12:29 - 2014-12-11 07:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-11 12:28 - 2015-02-08 01:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-11 12:28 - 2015-02-08 01:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-11 12:28 - 2015-01-28 03:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-03-11 12:28 - 2015-01-28 03:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-03-11 12:28 - 2015-01-28 01:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-03-11 12:28 - 2015-01-28 01:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-03-11 12:28 - 2015-01-21 07:54 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-11 12:28 - 2015-01-21 07:15 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-09 23:44 - 2015-03-09 23:44 - 00004856 _____ () C:\Users\Sebi\Downloads\config_ endde83.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-07 19:01 - 2015-01-14 17:30 - 01625494 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-07 19:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-07 18:53 - 2015-01-27 10:50 - 00005128 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for Pc-Sebi-Sebi Pc-Sebi
2015-04-07 18:18 - 2014-12-15 13:27 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-04-07 18:00 - 2015-01-07 21:04 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-07 17:23 - 2014-12-14 16:41 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2171534533-33094092-2416115179-1002
2015-04-07 13:35 - 2015-01-22 14:43 - 00000000 ____D () C:\Users\Sebi\AppData\Local\Deployment
2015-04-07 13:12 - 2015-01-28 12:43 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{708BD5AD-2F5C-4A11-8A1A-FE53B4E2038D}
2015-04-05 23:33 - 2014-12-14 16:35 - 00000000 ____D () C:\Users\Sebi\AppData\Local\Packages
2015-04-05 23:24 - 2014-09-24 08:17 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-05 23:24 - 2014-09-24 07:43 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-04-05 23:24 - 2014-09-24 07:43 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-04-05 23:20 - 2015-01-27 10:50 - 00000000 ___DO () C:\Users\Sebi\OneDrive
2015-04-05 23:16 - 2014-12-14 16:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-05 23:16 - 2014-09-23 23:06 - 00038238 _____ () C:\WINDOWS\PFRO.log
2015-04-05 23:16 - 2013-08-22 16:46 - 00342516 _____ () C:\WINDOWS\setupact.log
2015-04-05 23:16 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-05 23:16 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-05 14:13 - 2015-01-07 22:10 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-04-04 17:28 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-04-04 17:28 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-03 01:09 - 2015-01-14 15:41 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\TS3Client
2015-04-02 02:05 - 2015-01-22 14:39 - 00135680 ___SH () C:\Users\Sebi\Desktop\Thumbs.db
2015-04-02 02:03 - 2013-07-27 00:05 - 00000000 ____D () C:\ProgramData\Norton
2015-03-26 13:23 - 2013-08-22 17:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-03-25 23:40 - 2015-01-14 17:37 - 00000000 ____D () C:\Users\Sebi
2015-03-25 22:58 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\tracing
2015-03-25 22:25 - 2015-01-11 15:17 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-03-25 22:25 - 2014-09-24 09:43 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-03-25 20:16 - 2015-01-27 22:10 - 06528454 _____ () C:\Users\Sebi\Downloads\paint.net.4.0.5.install.zip
2015-03-21 17:51 - 2015-01-08 17:45 - 00000072 _____ () C:\Users\Public\LMDebug.log
2015-03-17 19:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-17 11:15 - 2013-08-22 16:44 - 00372192 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-17 11:08 - 2015-01-22 14:23 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-17 02:20 - 2015-01-13 02:54 - 00000000 ____D () C:\Users\Sebi\Documents\My Games
2015-03-13 22:13 - 2015-01-08 14:00 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-13 22:10 - 2015-01-08 14:00 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-13 16:07 - 2015-01-22 14:55 - 00003092 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2171534533-33094092-2416115179-1002

==================== Files in the root of some directories =======

2015-04-02 02:08 - 2015-04-02 02:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Sebi\AppData\Local\Temp\Quarantine.exe
C:\Users\Sebi\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-06 15:53

==================== End Of Log ============================

--- --- ---



Thank you very much for your patience and time, Schrauber :)

schrauber 08.04.2015 07:00

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:

HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Run: [UPNP Service] => C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\upnpsvc.exe
C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4
Emptytemp:


Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.




A fresh FRST log, please.

Faru 08.04.2015 18:39

Code:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Sebi at 2015-04-08 19:30:52 Run:2
Running from C:\Users\Sebi\Downloads
Loaded Profiles: Sebi (Available profiles: Sebi)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\Sebi\AppData\Local\Temp\tmp1287.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp130F.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp1426.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp18CD.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp1C9D.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp296D.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp33FE.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp3E27.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp4F26.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp559B.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp7170.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp8229.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp8D7F.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp9105.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmpB934.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\DMR\dmr_72.exe

C:\Users\Sebi\AppData\Local\Temp\Window\svhost.exe

C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\upnpsvc.exe

C:\Users\Sebi\AppData\Roaming\FolderName\file.exe

C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\atidrv.exe

C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\Esea(1).exe

C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\Esea(2).exe

C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\ESEA.exe

C:\Users\Sebi\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe

C:\Users\Sebi\Downloads\Paint NET - CHIP-Installer(1).exe

C:\Users\Sebi\Downloads\Paint NET - CHIP-Installer.exe
S0 rjaty; System32\drivers\imofugc.sys [X]
C:\ProgramData\DP45977C.lfl
Emptytemp:
*****************

"C:\Users\Sebi\AppData\Local\Temp\tmp1287.tmp.exe" => File/Directory not found.
"C:\Users\Sebi\AppData\Local\Temp\tmp130F.tmp.exe" => File/Directory not found.
"C:\Users\Sebi\AppData\Local\Temp\tmp1426.tmp.exe" => File/Directory not found.
"C:\Users\Sebi\AppData\Local\Temp\tmp18CD.tmp.exe" => File/Directory not found.
"C:\Users\Sebi\AppData\Local\Temp\tmp1C9D.tmp.exe" => File/Directory not found.
"C:\Users\Sebi\AppData\Local\Temp\tmp296D.tmp.exe" => File/Directory not found.
"C:\Users\Sebi\AppData\Local\Temp\tmp33FE.tmp.exe" => File/Directory not found.
"C:\Users\Sebi\AppData\Local\Temp\tmp3E27.tmp.exe" => File/Directory not found.
"C:\Users\Sebi\AppData\Local\Temp\tmp4F26.tmp.exe" => File/Directory not found.
"C:\Users\Sebi\AppData\Local\Temp\tmp559B.tmp.exe" => File/Directory not found.
"C:\Users\Sebi\AppData\Local\Temp\tmp7170.tmp.exe" => File/Directory not found.
"C:\Users\Sebi\AppData\Local\Temp\tmp8229.tmp.exe" => File/Directory not found.
"C:\Users\Sebi\AppData\Local\Temp\tmp8D7F.tmp.exe" => File/Directory not found.
"C:\Users\Sebi\AppData\Local\Temp\tmp9105.tmp.exe" => File/Directory not found.
"C:\Users\Sebi\AppData\Local\Temp\tmpB934.tmp.exe" => File/Directory not found.
"C:\Users\Sebi\AppData\Local\Temp\DMR\dmr_72.exe" => File/Directory not found.
"C:\Users\Sebi\AppData\Local\Temp\Window\svhost.exe" => File/Directory not found.
"C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\upnpsvc.exe" => File/Directory not found.
"C:\Users\Sebi\AppData\Roaming\FolderName\file.exe" => File/Directory not found.
"C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\atidrv.exe" => File/Directory not found.
"C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\Esea(1).exe" => File/Directory not found.
"C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\Esea(2).exe" => File/Directory not found.
"C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\ESEA.exe" => File/Directory not found.
"C:\Users\Sebi\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe" => File/Directory not found.
"C:\Users\Sebi\Downloads\Paint NET - CHIP-Installer(1).exe" => File/Directory not found.
"C:\Users\Sebi\Downloads\Paint NET - CHIP-Installer.exe" => File/Directory not found.
rjaty => Service not found.
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.
EmptyTemp: => Removed 419.9 MB temporary data.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-04-08 19:33:17)<=

C:\ProgramData\DP45977C.lfl => Is moved successfully.

==== End of Fixlog 19:33:17 ====


FRST Logfile:
Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Sebi (administrator) on PC-SEBI on 08-04-2015 19:38:06
Running from C:\Users\Sebi\Downloads
Loaded Profiles: Sebi (Available profiles: Sebi)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\3DataManager\WTGService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Sebi\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876304 2013-01-18] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [457616 2014-10-03] ()
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2015-01-06] (Razer Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] ( (Atheros Communications))
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888896 2015-03-24] (Valve Corporation)
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Run: [UPNP Service] => C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\upnpsvc.exe
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\MountPoints2: {3ef3322e-f63a-11e2-be6c-806e6f6e6963} - "D:\SETUP.EXE"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk
ShortcutTarget: Launcher.lnk -> C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2171534533-33094092-2416115179-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2171534533-33094092-2416115179-1002 -> {6C84E0BC-9872-4A8D-8BD9-601B5D96A660} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-01-25] (Qualcomm Atheros Commnucations)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} ->  No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Sebi\AppData\Roaming\Mozilla\Firefox\Profiles\qx7gcp5k.default
FF Homepage: https://www.google.at
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll [2014-11-28] (Reto-Moto ApS)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-22] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin HKU\S-1-5-21-2171534533-33094092-2416115179-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sebi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-01-26] (Unity Technologies ApS)
FF Extension: Adblock Plus - C:\Users\Sebi\AppData\Roaming\Mozilla\Firefox\Profiles\qx7gcp5k.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-11]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-30] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-15] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\3DataManager\WTGService.exe [343024 2012-07-05] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-24] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 rzdaendpt; C:\Windows\System32\drivers\rzdaendpt.sys [33448 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2014-12-10] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R3 rzvkeyboard; C:\Windows\System32\drivers\rzvkeyboard.sys [31912 2014-12-30] (Razer Inc)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-08 19:37 - 2015-04-08 19:37 - 02095616 _____ (Farbar) C:\Users\Sebi\Downloads\FRST64(1).exe
2015-04-08 19:34 - 2015-04-08 19:34 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2015-04-08 19:30 - 2015-04-08 19:30 - 00000247 _____ () C:\Users\Sebi\Desktop\Fixlist.txt
2015-04-07 04:15 - 2015-04-07 04:15 - 00852607 _____ () C:\Users\Sebi\Desktop\SecurityCheck(1).exe
2015-04-07 02:59 - 2015-04-07 02:59 - 02347384 _____ (ESET) C:\Users\Sebi\Downloads\esetsmartinstaller_deu(1).exe
2015-04-06 15:10 - 2015-04-06 15:10 - 00000222 _____ () C:\Users\Sebi\Desktop\Star Wars Knights of the Old Republic II.url
2015-04-05 23:32 - 2015-04-05 23:32 - 00184195 _____ () C:\Users\Sebi\Downloads\Vorläufiger Arbeitsplan.xlsx
2015-04-05 23:27 - 2015-04-05 23:27 - 02690981 _____ (Thisisu) C:\Users\Sebi\Downloads\JRT(1).exe
2015-04-05 23:27 - 2015-04-05 23:27 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-PC-SEBI-Windows-8.1-(64-bit).dat
2015-04-05 23:27 - 2015-04-05 23:27 - 00000000 ____D () C:\RegBackup
2015-04-05 23:13 - 2015-04-05 23:13 - 02208768 _____ () C:\Users\Sebi\Downloads\adwcleaner_4.200.exe
2015-04-04 17:25 - 2015-04-04 17:28 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-04-04 17:25 - 2015-04-04 17:25 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-04-04 03:16 - 2015-04-04 03:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-02 00:23 - 2015-04-02 00:23 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Sebi\Downloads\tdsskiller(1).exe
2015-04-02 00:14 - 2015-04-02 00:15 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Sebi\Downloads\mbar-1.09.1.1004(1).exe
2015-03-28 14:57 - 2015-03-28 14:57 - 00852604 _____ () C:\Users\Sebi\Downloads\SecurityCheck.exe
2015-03-28 14:55 - 2015-03-28 14:55 - 02347384 _____ (ESET) C:\Users\Sebi\Downloads\esetsmartinstaller_deu.exe
2015-03-27 20:35 - 2015-03-27 20:35 - 01388782 _____ (Thisisu) C:\Users\Sebi\Downloads\JRT.exe
2015-03-27 20:04 - 2015-04-05 23:15 - 00000000 ____D () C:\AdwCleaner
2015-03-26 20:43 - 2015-03-26 20:44 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Sebi\Downloads\tdsskiller.exe
2015-03-26 20:40 - 2015-04-05 23:16 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-26 20:39 - 2015-03-26 20:39 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Sebi\Downloads\mbar-1.09.1.1004.exe
2015-03-26 16:06 - 2015-03-29 18:03 - 00032617 _____ () C:\Users\Sebi\Downloads\Addition.txt
2015-03-26 16:05 - 2015-04-08 19:38 - 00018095 _____ () C:\Users\Sebi\Downloads\FRST.txt
2015-03-26 16:05 - 2015-04-08 19:38 - 00000000 ____D () C:\FRST
2015-03-26 16:05 - 2015-03-26 16:05 - 02095616 _____ (Farbar) C:\Users\Sebi\Downloads\FRST64.exe
2015-03-25 21:48 - 2015-04-05 23:30 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-25 21:48 - 2015-04-02 02:08 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-25 21:48 - 2015-03-25 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-25 21:48 - 2015-03-25 21:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-25 21:48 - 2015-03-25 21:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-25 21:48 - 2015-03-17 07:15 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-03-25 21:48 - 2015-03-17 07:15 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-03-25 12:35 - 2015-03-11 04:38 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-03-24 14:09 - 2015-04-02 02:02 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4
2015-03-24 11:15 - 2015-03-24 11:15 - 01054912 _____ (Adobe) C:\Users\Sebi\Downloads\install_flashplayer17x32au_ltr5x64d_awc_aih.exe
2015-03-24 02:29 - 2015-04-07 04:08 - 00000000 __SHD () C:\Users\Sebi\AppData\Roaming\FolderName
2015-03-24 02:22 - 2015-03-24 02:22 - 00000000 ____D () C:\Users\Sebi\AppData\Local\Skype
2015-03-24 02:21 - 2015-03-28 16:32 - 00000000 ____D () C:\ProgramData\Skype
2015-03-24 02:21 - 2015-03-25 22:09 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\Skype
2015-03-24 02:20 - 2015-03-24 02:20 - 00003134 _____ () C:\WINDOWS\System32\Tasks\{99D679EF-1A1A-4D6A-8435-4AAA89B03323}
2015-03-19 22:08 - 2015-03-19 22:08 - 00000000 ____D () C:\Users\Sebi\Documents\Benutzerdefinierte Office-Vorlagen
2015-03-16 20:08 - 2015-03-16 20:08 - 00000222 _____ () C:\Users\Sebi\Desktop\South Park The Stick of Truth.url
2015-03-11 12:35 - 2015-02-04 01:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-03-11 12:35 - 2015-02-04 01:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-03-11 12:35 - 2015-01-27 05:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-03-11 12:35 - 2015-01-24 03:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-03-11 12:34 - 2015-03-06 04:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-11 12:34 - 2015-03-06 04:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-11 12:34 - 2015-02-26 01:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-11 12:34 - 2015-02-20 05:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-03-11 12:34 - 2015-02-20 04:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-03-11 12:34 - 2015-02-20 04:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-03-11 12:34 - 2015-02-20 04:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-03-11 12:34 - 2015-02-07 01:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-11 12:34 - 2015-02-06 03:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-03-11 12:34 - 2015-02-06 03:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-03-11 12:34 - 2015-02-05 22:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-03-11 12:34 - 2015-02-04 01:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-03-11 12:34 - 2015-02-03 01:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-03-11 12:34 - 2015-02-03 01:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-03-11 12:34 - 2015-01-31 01:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-03-11 12:34 - 2015-01-31 01:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-03-11 12:34 - 2015-01-30 05:01 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-03-11 12:34 - 2015-01-30 05:00 - 00167424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2015-03-11 12:34 - 2015-01-29 03:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-03-11 12:34 - 2015-01-29 03:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-03-11 12:34 - 2015-01-29 03:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-03-11 12:34 - 2015-01-29 03:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-03-11 12:34 - 2015-01-23 09:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-03-11 12:34 - 2015-01-23 07:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-03-11 12:34 - 2014-10-29 04:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-03-11 12:34 - 2014-10-29 04:46 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2015-03-11 12:34 - 2014-10-29 04:46 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2015-03-11 12:34 - 2014-10-29 04:45 - 01198080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-03-11 12:34 - 2014-10-29 04:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-03-11 12:34 - 2014-10-29 04:44 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-03-11 12:34 - 2014-10-29 04:43 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2015-03-11 12:34 - 2014-10-29 04:34 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-03-11 12:34 - 2014-10-29 04:04 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2015-03-11 12:34 - 2014-10-29 04:04 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-03-11 12:34 - 2014-10-29 04:03 - 00241152 ____C (Microsoft Corporation) C:\WINDOWS\system32\fsquirt.exe
2015-03-11 12:34 - 2014-10-29 04:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-03-11 12:34 - 2014-10-29 04:00 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-03-11 12:34 - 2014-10-29 03:58 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2015-03-11 12:34 - 2014-10-29 03:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2015-03-11 12:34 - 2014-10-29 03:51 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-03-11 12:34 - 2014-10-29 03:45 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2015-03-11 12:34 - 2014-10-29 03:28 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2015-03-11 12:34 - 2014-10-29 03:20 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-03-11 12:34 - 2014-10-29 03:15 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2015-03-11 12:34 - 2014-10-29 02:55 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2015-03-11 12:34 - 2014-10-29 02:44 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2015-03-11 12:34 - 2014-10-29 02:41 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2015-03-11 12:34 - 2014-10-29 02:35 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2015-03-11 12:33 - 2015-02-03 02:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-03-11 12:33 - 2015-02-03 02:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-11 12:33 - 2015-01-31 01:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-03-11 12:33 - 2015-01-30 04:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-03-11 12:33 - 2015-01-30 04:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-03-11 12:33 - 2015-01-30 04:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-03-11 12:33 - 2015-01-30 03:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-03-11 12:33 - 2015-01-30 03:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-03-11 12:33 - 2015-01-30 03:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-03-11 12:33 - 2015-01-30 03:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-03-11 12:33 - 2015-01-30 03:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-03-11 12:33 - 2015-01-30 03:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-03-11 12:33 - 2015-01-30 03:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-03-11 12:33 - 2015-01-30 03:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-03-11 12:33 - 2015-01-30 03:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-03-11 12:33 - 2015-01-30 03:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-03-11 12:33 - 2015-01-29 03:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 12:33 - 2015-01-29 03:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 12:33 - 2015-01-29 02:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-03-11 12:33 - 2015-01-29 02:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-03-11 12:33 - 2015-01-29 02:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-03-11 12:33 - 2015-01-29 02:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-03-11 12:33 - 2015-01-28 17:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-11 12:33 - 2015-01-28 17:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-11 12:33 - 2015-01-28 17:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-11 12:33 - 2015-01-28 04:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-11 12:33 - 2015-01-28 03:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-03-11 12:33 - 2015-01-27 06:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-03-11 12:33 - 2015-01-27 04:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-03-11 12:33 - 2014-10-29 05:56 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2015-03-11 12:33 - 2014-10-29 04:37 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2015-03-11 12:33 - 2014-10-29 04:34 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2015-03-11 12:33 - 2014-10-29 04:34 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2015-03-11 12:33 - 2014-10-29 03:28 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2015-03-11 12:33 - 2014-10-29 03:19 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2015-03-11 12:33 - 2014-10-29 03:13 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-03-11 12:33 - 2014-10-29 02:59 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2015-03-11 12:33 - 2014-10-29 02:55 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-11 12:30 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-11 12:30 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-11 12:30 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-11 12:30 - 2015-02-21 02:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-11 12:30 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-11 12:30 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-11 12:30 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-11 12:30 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-11 12:30 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-11 12:30 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-11 12:30 - 2015-02-20 04:35 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-11 12:30 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-03-11 12:30 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-11 12:30 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-11 12:30 - 2015-02-20 04:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-11 12:30 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-11 12:30 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-11 12:30 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-11 12:30 - 2015-02-20 03:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-11 12:30 - 2015-02-20 03:56 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-11 12:30 - 2015-02-20 03:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-11 12:30 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-11 12:30 - 2015-02-20 03:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-11 12:30 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-03-11 12:30 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-11 12:30 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-11 12:30 - 2015-02-20 03:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-11 12:30 - 2015-02-20 03:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-11 12:30 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-11 12:30 - 2015-02-20 03:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-11 12:30 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-11 12:30 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-11 12:30 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-11 12:30 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-11 12:30 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-11 12:30 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-11 12:30 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-11 12:29 - 2015-02-12 19:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-03-11 12:29 - 2015-02-12 19:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-03-11 12:29 - 2015-01-29 20:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-11 12:29 - 2015-01-29 20:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-11 12:29 - 2014-12-11 07:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-11 12:28 - 2015-02-08 01:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-11 12:28 - 2015-02-08 01:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-11 12:28 - 2015-01-28 03:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-03-11 12:28 - 2015-01-28 03:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-03-11 12:28 - 2015-01-28 01:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-03-11 12:28 - 2015-01-28 01:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-03-11 12:28 - 2015-01-21 07:54 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-11 12:28 - 2015-01-21 07:15 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-09 23:44 - 2015-03-09 23:44 - 00004856 _____ () C:\Users\Sebi\Downloads\config_ endde83.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-08 19:35 - 2015-01-27 10:50 - 00005128 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for Pc-Sebi-Sebi Pc-Sebi
2015-04-08 19:35 - 2015-01-27 10:50 - 00000000 ___DO () C:\Users\Sebi\OneDrive
2015-04-08 19:34 - 2015-01-07 21:04 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-08 19:33 - 2015-01-22 14:39 - 00135680 ___SH () C:\Users\Sebi\Desktop\Thumbs.db
2015-04-08 19:32 - 2014-09-23 23:06 - 00039840 _____ () C:\WINDOWS\PFRO.log
2015-04-08 19:32 - 2013-08-22 16:46 - 00342824 _____ () C:\WINDOWS\setupact.log
2015-04-08 19:32 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-08 19:31 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-08 19:18 - 2014-12-15 13:27 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-04-08 19:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-08 18:14 - 2015-01-14 17:30 - 01912255 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-08 17:03 - 2014-12-14 16:41 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2171534533-33094092-2416115179-1002
2015-04-08 16:59 - 2015-01-14 15:41 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\TS3Client
2015-04-08 14:59 - 2015-01-28 12:43 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{708BD5AD-2F5C-4A11-8A1A-FE53B4E2038D}
2015-04-08 10:42 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-04-08 00:04 - 2014-09-24 08:17 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-08 00:04 - 2014-09-24 07:43 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-04-08 00:04 - 2014-09-24 07:43 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-04-07 13:35 - 2015-01-22 14:43 - 00000000 ____D () C:\Users\Sebi\AppData\Local\Deployment
2015-04-05 23:33 - 2014-12-14 16:35 - 00000000 ____D () C:\Users\Sebi\AppData\Local\Packages
2015-04-05 23:16 - 2014-12-14 16:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-05 14:13 - 2015-01-07 22:10 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-04-04 17:28 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-02 02:03 - 2013-07-27 00:05 - 00000000 ____D () C:\ProgramData\Norton
2015-03-26 13:23 - 2013-08-22 17:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-03-25 23:40 - 2015-01-14 17:37 - 00000000 ____D () C:\Users\Sebi
2015-03-25 22:58 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\tracing
2015-03-25 22:25 - 2015-01-11 15:17 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-03-25 22:25 - 2014-09-24 09:43 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-03-25 20:16 - 2015-01-27 22:10 - 06528454 _____ () C:\Users\Sebi\Downloads\paint.net.4.0.5.install.zip
2015-03-21 17:51 - 2015-01-08 17:45 - 00000072 _____ () C:\Users\Public\LMDebug.log
2015-03-17 19:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-17 11:15 - 2013-08-22 16:44 - 00372192 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-17 11:08 - 2015-01-22 14:23 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-17 02:20 - 2015-01-13 02:54 - 00000000 ____D () C:\Users\Sebi\Documents\My Games
2015-03-13 22:13 - 2015-01-08 14:00 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-13 22:10 - 2015-01-08 14:00 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-13 16:07 - 2015-01-22 14:55 - 00003092 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2171534533-33094092-2416115179-1002

==================== Files in the root of some directories =======

2015-04-08 19:34 - 2015-04-08 19:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-06 15:53

==================== End Of Log ============================

--- --- ---

schrauber 09.04.2015 09:34

Where did you get the fixlist from? :wtf:

Faru 09.04.2015 11:13

I did exactly what you said, i.e. created the .txt file with the file path and then ran a fresh FRST :crazy:

schrauber 09.04.2015 17:54

No, that's not right. Take another close look!

My fixlist, the one I posted:
Code:

HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Run: [UPNP Service] => C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\upnpsvc.exe
C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4
Emptytemp:

The fixlist you used:

Code:

Content of fixlist:
*****************
C:\Users\Sebi\AppData\Local\Temp\tmp1287.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp130F.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp1426.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp18CD.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp1C9D.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp296D.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp33FE.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp3E27.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp4F26.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp559B.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp7170.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp8229.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp8D7F.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmp9105.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\tmpB934.tmp.exe

C:\Users\Sebi\AppData\Local\Temp\DMR\dmr_72.exe

C:\Users\Sebi\AppData\Local\Temp\Window\svhost.exe

C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\upnpsvc.exe

C:\Users\Sebi\AppData\Roaming\FolderName\file.exe

C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\atidrv.exe

C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\Esea(1).exe

C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\Esea(2).exe

C:\Users\Sebi\AppData\Roaming\Skype\My Skype Received Files\ESEA.exe

C:\Users\Sebi\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe

C:\Users\Sebi\Downloads\Paint NET - CHIP-Installer(1).exe

C:\Users\Sebi\Downloads\Paint NET - CHIP-Installer.exe
S0 rjaty; System32\drivers\imofugc.sys [X]
C:\ProgramData\DP45977C.lfl
Emptytemp:


Faru 10.04.2015 00:04

Code:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Sebi at 2015-04-10 00:58:23 Run:3
Running from C:\Users\Sebi\Downloads
Loaded Profiles: Sebi (Available profiles: Sebi)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Run: [UPNP Service] => C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4\UPNP Service\upnpsvc.exe
C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4
Emptytemp:
       
*****************

HKU\S-1-5-21-2171534533-33094092-2416115179-1002\Software\Microsoft\Windows\CurrentVersion\Run\\UPNP Service => value deleted successfully.
C:\Users\Sebi\AppData\Roaming\20613BB6-949F-4BCA-8138-363AA712B1E4 => Moved successfully.
EmptyTemp: => Removed 372 MB temporary data.


The system needed a reboot.

==== End of Fixlog 00:58:27 ====


FRST Logfile:
Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Sebi (administrator) on PC-SEBI on 10-04-2015 01:04:52
Running from C:\Users\Sebi\Downloads
Loaded Profiles: Sebi (Available profiles: Sebi)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\3DataManager\WTGService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876304 2013-01-18] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [457616 2014-10-03] ()
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2015-01-06] (Razer Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] ( (Atheros Communications))
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2889408 2015-04-09] (Valve Corporation)
HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\MountPoints2: {3ef3322e-f63a-11e2-be6c-806e6f6e6963} - "D:\SETUP.EXE"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk
ShortcutTarget: Launcher.lnk -> C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2171534533-33094092-2416115179-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2171534533-33094092-2416115179-1002 -> {6C84E0BC-9872-4A8D-8BD9-601B5D96A660} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-01-25] (Qualcomm Atheros Commnucations)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} ->  No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Sebi\AppData\Roaming\Mozilla\Firefox\Profiles\qx7gcp5k.default
FF Homepage: https://www.google.at
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll [2014-11-28] (Reto-Moto ApS)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-22] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin HKU\S-1-5-21-2171534533-33094092-2416115179-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sebi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-01-26] (Unity Technologies ApS)
FF Extension: Adblock Plus - C:\Users\Sebi\AppData\Roaming\Mozilla\Firefox\Profiles\qx7gcp5k.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-11]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKU\S-1-5-21-2171534533-33094092-2416115179-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-30] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-15] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\3DataManager\WTGService.exe [343024 2012-07-05] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-24] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 rzdaendpt; C:\Windows\System32\drivers\rzdaendpt.sys [33448 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2014-12-10] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R3 rzvkeyboard; C:\Windows\System32\drivers\rzvkeyboard.sys [31912 2014-12-30] (Razer Inc)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-10 00:53 - 2015-04-10 00:53 - 00000000 ___RD () C:\Users\Sebi\Downloads\DeviceDoctor.Opener_mkdtfchztkfbm!App
2015-04-10 00:52 - 2015-04-10 00:52 - 00000258 _____ () C:\Fixlist.txt
2015-04-08 19:34 - 2015-04-08 19:34 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2015-04-07 02:59 - 2015-04-07 02:59 - 02347384 _____ (ESET) C:\Users\Sebi\Downloads\esetsmartinstaller_deu(1).exe
2015-04-06 15:10 - 2015-04-06 15:10 - 00000222 _____ () C:\Users\Sebi\Desktop\Star Wars Knights of the Old Republic II.url
2015-04-05 23:32 - 2015-04-05 23:32 - 00184195 _____ () C:\Users\Sebi\Downloads\Vorläufiger Arbeitsplan.xlsx
2015-04-05 23:27 - 2015-04-05 23:27 - 02690981 _____ (Thisisu) C:\Users\Sebi\Downloads\JRT(1).exe
2015-04-05 23:27 - 2015-04-05 23:27 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-PC-SEBI-Windows-8.1-(64-bit).dat
2015-04-05 23:27 - 2015-04-05 23:27 - 00000000 ____D () C:\RegBackup
2015-04-05 23:13 - 2015-04-05 23:13 - 02208768 _____ () C:\Users\Sebi\Downloads\adwcleaner_4.200.exe
2015-04-04 17:25 - 2015-04-04 17:28 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-04-04 17:25 - 2015-04-04 17:25 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-04-04 03:16 - 2015-04-04 03:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-02 00:23 - 2015-04-02 00:23 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Sebi\Downloads\tdsskiller(1).exe
2015-04-02 00:14 - 2015-04-02 00:15 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Sebi\Downloads\mbar-1.09.1.1004(1).exe
2015-03-28 14:57 - 2015-03-28 14:57 - 00852604 _____ () C:\Users\Sebi\Downloads\SecurityCheck.exe
2015-03-28 14:55 - 2015-03-28 14:55 - 02347384 _____ (ESET) C:\Users\Sebi\Downloads\esetsmartinstaller_deu.exe
2015-03-27 20:35 - 2015-03-27 20:35 - 01388782 _____ (Thisisu) C:\Users\Sebi\Downloads\JRT.exe
2015-03-27 20:04 - 2015-04-05 23:15 - 00000000 ____D () C:\AdwCleaner
2015-03-26 20:43 - 2015-03-26 20:44 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Sebi\Downloads\tdsskiller.exe
2015-03-26 20:40 - 2015-04-05 23:16 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-26 20:39 - 2015-03-26 20:39 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Sebi\Downloads\mbar-1.09.1.1004.exe
2015-03-26 16:06 - 2015-03-29 18:03 - 00032617 _____ () C:\Users\Sebi\Downloads\Addition.txt
2015-03-26 16:05 - 2015-04-10 01:04 - 00018060 _____ () C:\Users\Sebi\Downloads\FRST.txt
2015-03-26 16:05 - 2015-04-10 01:04 - 00000000 ____D () C:\FRST
2015-03-26 16:05 - 2015-03-26 16:05 - 02095616 _____ (Farbar) C:\Users\Sebi\Downloads\FRST64.exe
2015-03-25 21:48 - 2015-04-05 23:30 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-25 21:48 - 2015-04-02 02:08 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-25 21:48 - 2015-03-25 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-25 21:48 - 2015-03-25 21:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-25 21:48 - 2015-03-25 21:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-25 21:48 - 2015-03-17 07:15 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-03-25 21:48 - 2015-03-17 07:15 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-03-25 12:35 - 2015-03-11 04:38 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-03-25 12:35 - 2015-03-11 00:08 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-03-24 11:15 - 2015-03-24 11:15 - 01054912 _____ (Adobe) C:\Users\Sebi\Downloads\install_flashplayer17x32au_ltr5x64d_awc_aih.exe
2015-03-24 02:29 - 2015-04-07 04:08 - 00000000 __SHD () C:\Users\Sebi\AppData\Roaming\FolderName
2015-03-24 02:22 - 2015-03-24 02:22 - 00000000 ____D () C:\Users\Sebi\AppData\Local\Skype
2015-03-24 02:21 - 2015-03-28 16:32 - 00000000 ____D () C:\ProgramData\Skype
2015-03-24 02:21 - 2015-03-25 22:09 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\Skype
2015-03-24 02:20 - 2015-03-24 02:20 - 00003134 _____ () C:\WINDOWS\System32\Tasks\{99D679EF-1A1A-4D6A-8435-4AAA89B03323}
2015-03-19 22:08 - 2015-03-19 22:08 - 00000000 ____D () C:\Users\Sebi\Documents\Benutzerdefinierte Office-Vorlagen
2015-03-16 20:08 - 2015-03-16 20:08 - 00000222 _____ () C:\Users\Sebi\Desktop\South Park The Stick of Truth.url
2015-03-11 12:35 - 2015-02-04 01:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-03-11 12:35 - 2015-02-04 01:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-03-11 12:35 - 2015-01-27 05:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-03-11 12:35 - 2015-01-24 03:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-03-11 12:34 - 2015-03-06 04:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-11 12:34 - 2015-03-06 04:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-11 12:34 - 2015-02-26 01:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-11 12:34 - 2015-02-20 05:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-03-11 12:34 - 2015-02-20 04:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-03-11 12:34 - 2015-02-20 04:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-03-11 12:34 - 2015-02-20 04:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-03-11 12:34 - 2015-02-07 01:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-11 12:34 - 2015-02-06 03:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-03-11 12:34 - 2015-02-06 03:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-03-11 12:34 - 2015-02-05 22:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-03-11 12:34 - 2015-02-04 01:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-03-11 12:34 - 2015-02-03 01:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-03-11 12:34 - 2015-02-03 01:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-03-11 12:34 - 2015-01-31 01:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-03-11 12:34 - 2015-01-31 01:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-03-11 12:34 - 2015-01-30 05:01 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-03-11 12:34 - 2015-01-30 05:00 - 00167424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2015-03-11 12:34 - 2015-01-29 03:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-03-11 12:34 - 2015-01-29 03:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-03-11 12:34 - 2015-01-29 03:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-03-11 12:34 - 2015-01-29 03:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-03-11 12:34 - 2015-01-23 09:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-03-11 12:34 - 2015-01-23 07:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-03-11 12:34 - 2014-10-29 04:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-03-11 12:34 - 2014-10-29 04:46 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2015-03-11 12:34 - 2014-10-29 04:46 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2015-03-11 12:34 - 2014-10-29 04:45 - 01198080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-03-11 12:34 - 2014-10-29 04:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-03-11 12:34 - 2014-10-29 04:44 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-03-11 12:34 - 2014-10-29 04:43 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2015-03-11 12:34 - 2014-10-29 04:34 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-03-11 12:34 - 2014-10-29 04:04 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2015-03-11 12:34 - 2014-10-29 04:04 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-03-11 12:34 - 2014-10-29 04:03 - 00241152 ____C (Microsoft Corporation) C:\WINDOWS\system32\fsquirt.exe
2015-03-11 12:34 - 2014-10-29 04:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-03-11 12:34 - 2014-10-29 04:00 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-03-11 12:34 - 2014-10-29 03:58 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2015-03-11 12:34 - 2014-10-29 03:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2015-03-11 12:34 - 2014-10-29 03:51 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-03-11 12:34 - 2014-10-29 03:45 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2015-03-11 12:34 - 2014-10-29 03:28 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2015-03-11 12:34 - 2014-10-29 03:20 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-03-11 12:34 - 2014-10-29 03:15 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2015-03-11 12:34 - 2014-10-29 02:55 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2015-03-11 12:34 - 2014-10-29 02:44 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2015-03-11 12:34 - 2014-10-29 02:41 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2015-03-11 12:34 - 2014-10-29 02:35 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2015-03-11 12:33 - 2015-02-03 02:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-03-11 12:33 - 2015-02-03 02:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-11 12:33 - 2015-01-31 01:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-03-11 12:33 - 2015-01-30 04:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-03-11 12:33 - 2015-01-30 04:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-03-11 12:33 - 2015-01-30 04:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-03-11 12:33 - 2015-01-30 03:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-03-11 12:33 - 2015-01-30 03:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-03-11 12:33 - 2015-01-30 03:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-03-11 12:33 - 2015-01-30 03:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-03-11 12:33 - 2015-01-30 03:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-03-11 12:33 - 2015-01-30 03:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-03-11 12:33 - 2015-01-30 03:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-03-11 12:33 - 2015-01-30 03:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-03-11 12:33 - 2015-01-30 03:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-03-11 12:33 - 2015-01-30 03:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-03-11 12:33 - 2015-01-29 03:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 12:33 - 2015-01-29 03:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 12:33 - 2015-01-29 02:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-03-11 12:33 - 2015-01-29 02:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-03-11 12:33 - 2015-01-29 02:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-03-11 12:33 - 2015-01-29 02:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-03-11 12:33 - 2015-01-28 17:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-11 12:33 - 2015-01-28 17:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-11 12:33 - 2015-01-28 17:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-11 12:33 - 2015-01-28 04:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-11 12:33 - 2015-01-28 03:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-03-11 12:33 - 2015-01-27 06:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-03-11 12:33 - 2015-01-27 04:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-03-11 12:33 - 2014-10-29 05:56 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2015-03-11 12:33 - 2014-10-29 04:37 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2015-03-11 12:33 - 2014-10-29 04:34 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2015-03-11 12:33 - 2014-10-29 04:34 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2015-03-11 12:33 - 2014-10-29 03:28 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2015-03-11 12:33 - 2014-10-29 03:19 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2015-03-11 12:33 - 2014-10-29 03:13 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-03-11 12:33 - 2014-10-29 02:59 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2015-03-11 12:33 - 2014-10-29 02:55 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-11 12:30 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-11 12:30 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-11 12:30 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-11 12:30 - 2015-02-21 02:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-11 12:30 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-11 12:30 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-11 12:30 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-11 12:30 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-11 12:30 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-11 12:30 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-11 12:30 - 2015-02-20 04:35 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-11 12:30 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-03-11 12:30 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-11 12:30 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-11 12:30 - 2015-02-20 04:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-11 12:30 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-11 12:30 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-11 12:30 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-11 12:30 - 2015-02-20 03:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-11 12:30 - 2015-02-20 03:56 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-11 12:30 - 2015-02-20 03:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-11 12:30 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-11 12:30 - 2015-02-20 03:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-11 12:30 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-03-11 12:30 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-11 12:30 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-11 12:30 - 2015-02-20 03:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-11 12:30 - 2015-02-20 03:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-11 12:30 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-11 12:30 - 2015-02-20 03:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-11 12:30 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-11 12:30 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-11 12:30 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-11 12:30 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-11 12:30 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-11 12:30 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-11 12:30 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-11 12:29 - 2015-02-12 19:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-03-11 12:29 - 2015-02-12 19:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-03-11 12:29 - 2015-01-29 20:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-11 12:29 - 2015-01-29 20:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-11 12:29 - 2014-12-11 07:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-11 12:28 - 2015-02-08 01:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-11 12:28 - 2015-02-08 01:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-11 12:28 - 2015-01-28 03:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-03-11 12:28 - 2015-01-28 03:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-03-11 12:28 - 2015-01-28 01:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-03-11 12:28 - 2015-01-28 01:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-03-11 12:28 - 2015-01-21 07:54 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-11 12:28 - 2015-01-21 07:15 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-10 01:02 - 2015-01-27 10:50 - 00005128 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for Pc-Sebi-Sebi Pc-Sebi
2015-04-10 01:02 - 2015-01-07 21:04 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-10 01:01 - 2015-01-27 10:50 - 00000000 ___DO () C:\Users\Sebi\OneDrive
2015-04-10 01:01 - 2015-01-22 14:39 - 00135680 ___SH () C:\Users\Sebi\Desktop\Thumbs.db
2015-04-10 00:59 - 2014-09-23 23:06 - 00040732 _____ () C:\WINDOWS\PFRO.log
2015-04-10 00:59 - 2013-08-22 16:46 - 00343209 _____ () C:\WINDOWS\setupact.log
2015-04-10 00:59 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-10 00:59 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-10 00:18 - 2014-12-15 13:27 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-04-10 00:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-09 23:55 - 2015-01-14 17:30 - 01060997 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-09 23:04 - 2015-01-14 15:41 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\TS3Client
2015-04-09 20:14 - 2015-01-28 12:43 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{708BD5AD-2F5C-4A11-8A1A-FE53B4E2038D}
2015-04-09 14:02 - 2014-09-24 08:17 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-09 14:02 - 2014-09-24 07:43 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-04-09 14:02 - 2014-09-24 07:43 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-04-08 17:03 - 2014-12-14 16:41 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2171534533-33094092-2416115179-1002
2015-04-08 15:08 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-04-07 13:35 - 2015-01-22 14:43 - 00000000 ____D () C:\Users\Sebi\AppData\Local\Deployment
2015-04-05 23:33 - 2014-12-14 16:35 - 00000000 ____D () C:\Users\Sebi\AppData\Local\Packages
2015-04-05 23:16 - 2014-12-14 16:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-05 14:13 - 2015-01-07 22:10 - 00000000 ____D () C:\Users\Sebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-04-04 17:28 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-02 02:03 - 2013-07-27 00:05 - 00000000 ____D () C:\ProgramData\Norton
2015-03-26 13:23 - 2013-08-22 17:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-03-25 23:40 - 2015-01-14 17:37 - 00000000 ____D () C:\Users\Sebi
2015-03-25 22:58 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\tracing
2015-03-25 22:25 - 2015-01-11 15:17 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-03-25 22:25 - 2014-09-24 09:43 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-03-25 20:16 - 2015-01-27 22:10 - 06528454 _____ () C:\Users\Sebi\Downloads\paint.net.4.0.5.install.zip
2015-03-21 17:51 - 2015-01-08 17:45 - 00000072 _____ () C:\Users\Public\LMDebug.log
2015-03-17 19:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-17 11:15 - 2013-08-22 16:44 - 00372192 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-17 11:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-17 11:08 - 2015-01-22 14:23 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-17 02:20 - 2015-01-13 02:54 - 00000000 ____D () C:\Users\Sebi\Documents\My Games
2015-03-13 22:13 - 2015-01-08 14:00 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-13 22:10 - 2015-01-08 14:00 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-13 16:07 - 2015-01-22 14:55 - 00003092 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2171534533-33094092-2416115179-1002

==================== Files in the root of some directories =======

2015-04-08 19:34 - 2015-04-08 19:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-09 13:29

==================== End Of Log ============================

--- --- ---

schrauber 10.04.2015 15:34

Still having problems with the computer?

I'd still like to know where you got this fixlist from :)

Faru 10.04.2015 23:14

As I said, I don't really have any problems anymore, but I'd like to be certain that I no longer have a keylogger and that nobody can crack my passwords at any time :(

Um, honestly, I don't know; I tried it step by step the way you described it to me.

schrauber 11.04.2015 10:41

Changing your passwords is mandatory anyway. But now we're done :)

Cleanup:
(The order matters here)

If Defogger was used: start it again and click Re-enable.

If Combofix was used:
Uninstall Combofix
  • Important: please disable your antivirus program, any script blocking and anti-malware programs.
  • Press the Windows key + R and type Combofix /Uninstall into the Run dialog.
  • Click OK.
    This removes Combofix completely and clears the System Restore cache.
  • Now re-enable the programs you just disabled.

All logs posted? Then please download DelFix.
  • Close all open programs.
  • Start delfix.exe with a double-click.
  • Tick every function.
  • Click Start.

Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
Finally, restart your computer. If any programs from our cleanup are still left over, you can safely delete them.

If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.

Hardening:
Enable automatic updates in the Windows operating system. Security-relevant software should also always be kept at its latest version:

Browser
Java
Flash Player
PDF reader

Security vulnerabilities in their old versions are exploited to install malware via "drive-by" when you simply visit a manipulated website.
I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.

Enable a firewall. The one built into Windows is normally entirely sufficient.

Use an antivirus program with a real-time scanner and an always up-to-date signature database.
My recommendation:
Emsisoft

In addition, you can regularly scan your PC with Malwarebytes Anti-Malware and ESET.

Optional:
NoScript prevents active content (Java, JavaScript, Flash, ...) from running on all websites. You can, however, specify on a whitelist basis which sites scripts are allowed on.
Malwarebytes Anti Exploit: protects the computer's applications against exploitation of known vulnerabilities.

Download software from a clean portal such as filepony.de.
When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program.
To get rid of adware, first uninstall it and then remove the leftovers with Adwcleaner.

Some final general remarks:
Change your important online passwords regularly and regularly create backups of your important files or of the system.
The benefit of registry cleaners, optimizers and the like for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' own Disk Cleanup instead.
