Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   DHL Mail erhalten und ZIP Datei auf dem Rechner (https://www.trojaner-board.de/166750-dhl-mail-erhalten-zip-datei-rechner.html)

guddy68 07.05.2015 19:44
DHL Mail erhalten und ZIP Datei auf dem Rechner
 
Hallo Zusammen,

auch ich Depp habe die DHL Email erhalten und geöffnet, da ich wie viele Andere auf ein Paket warte. Allerdings habe ich zwei verschiedene erhalte.
Eine mit einem Link und eine mit einem angeblichen pdf File.
Ich habe die .pdf Datei geöffnet und in der anderen Email den Link angeklickt. Doof!
Jetzt habe ich gesehen dass sich folgende Datei: DHL_Report_Zustellungsstatus__06__05__2015.zip
im Benutzer Temp-Ordner liegt. Datum 06.05.15 18:06h
Ich habe sie nicht geöffnet. Mein Virenscanner hat allerdings nichts gefunden.

Bitte helft mir, da ich morgen in Urlaub fahre muss ich heute meinen Rechner wieder fit bekommen. Noch hat er nichts auffälliges angestellt.

VG

Guddy68

:dankeschoen:

FRST.txt


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2015 01
Ran by User (administrator) on GUDRUN-PC on 07-05-2015 20:38:18
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available profiles: User)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\pg_ctl.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dolby Laboratories Inc.) C:\DOLBY PCEE4\pcee4.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mirko Böer) C:\Program Files (x86)\SSK\sskfree.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
() C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpn.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-03-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-09] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1796200 2011-02-22] (Acer Incorporated)
HKLM\...\Run: [HP Color LaserJet CM1312 MFP Series Fax] => C:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe [3700736 2009-09-22] (Hewlett-Packard Company)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [CNAP2 Launcher] => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-15] (CANON INC.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-13] (Intel Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336 2010-09-28] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-03-09] (NTI Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-02-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-02-18] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe_ID0ENQBO] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPUsageTracking] => C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [24576 2009-05-11] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-1977744977-3695908920-4128797142-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-1977744977-3695908920-4128797142-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-10-05]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1977744977-3695908920-4128797142-1000] => 87.230.26.172:3128
HKU\S-1-5-21-1977744977-3695908920-4128797142-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1977744977-3695908920-4128797142-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1977744977-3695908920-4128797142-1000 -> DefaultScope {5C5A0EA6-1B5F-40AB-8B13-CEF11C6F9BA9} URL = https://de.search.yahoo.com/search?fr=mcafee&type=A010DE662&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-1977744977-3695908920-4128797142-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1977744977-3695908920-4128797142-1000 -> {5C5A0EA6-1B5F-40AB-8B13-CEF11C6F9BA9} URL = https://de.search.yahoo.com/search?fr=mcafee&type=A010DE662&p={SearchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-25] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-25] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.27 192.168.1.17

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\te2rx261.default
FF Homepage: hxxp://www.rp-online.de/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-11-12] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-11-12] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1977744977-3695908920-4128797142-1000: @citrixonline.com/appdetectorplugin -> C:\Users\User\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-04-11] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npatgpc.dll [2015-04-17] (Cisco WebEx LLC)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2014-03-22]
FF Extension: WOT - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\te2rx261.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: Personas Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\te2rx261.default\Extensions\personas@christopher.beard.xpi [2013-10-02]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-10-19]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-10-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2014-11-17] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344 2011-03-09] (NTI Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2013-08-22] (The OpenVPN Project)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2014-11-17] (Hewlett-Packard) [File not signed]
R2 postgresql-9.3; C:\Program Files (x86)\PostgreSQL\9.3\bin\pg_ctl.exe [80384 2014-02-18] (PostgreSQL Global Development Group) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 HPEWSFXBULK; C:\Windows\System32\drivers\hpfx64bulk.sys [20504 2007-07-16] (Hewlett Packard)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-07 20:38 - 2015-05-07 20:38 - 00021426 _____ () C:\Users\User\Desktop\FRST.txt
2015-05-07 20:38 - 2015-05-07 20:38 - 00000000 ____D () C:\FRST
2015-05-07 20:01 - 2015-05-07 20:02 - 02102272 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2015-04-27 22:33 - 2015-05-05 09:24 - 00000616 _____ () C:\Windows\setupact.log
2015-04-27 22:33 - 2015-04-27 22:33 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-27 22:27 - 2015-04-27 22:28 - 00007146 _____ () C:\Users\User\Documents\cc_20150427_222745.reg
2015-04-27 22:26 - 2015-04-27 22:27 - 00206470 _____ () C:\Users\User\Documents\cc_20150427_222651.reg
2015-04-27 22:07 - 2015-04-27 22:07 - 00002790 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-04-27 22:07 - 2015-04-27 22:07 - 00000863 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-04-27 22:07 - 2015-04-27 22:07 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-22 17:36 - 2015-04-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-17 10:04 - 2015-04-17 10:56 - 00000000 ____D () C:\Users\User\AppData\Roaming\webex
2015-04-17 10:04 - 2015-04-17 10:04 - 00000000 ____D () C:\Users\User\AppData\Local\WebEx
2015-04-17 10:04 - 2015-04-17 10:04 - 00000000 ____D () C:\ProgramData\WebEx
2015-04-15 09:51 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 09:51 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 09:51 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 09:51 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 09:51 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 09:51 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 09:51 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 09:51 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 09:51 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 09:51 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 09:51 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 09:51 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 09:51 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 09:51 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 09:51 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 09:51 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 09:51 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 09:51 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 09:51 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 09:51 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 09:51 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 09:51 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 09:51 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 09:51 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 09:51 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 09:51 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 09:51 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 09:51 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 09:51 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 09:51 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 09:51 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 09:51 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 09:51 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 09:51 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 09:51 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 09:50 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 09:50 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 09:50 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 09:50 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 09:50 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 09:50 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 09:50 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 09:50 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 09:50 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 09:50 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 09:50 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 09:50 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 09:50 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 09:50 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 09:50 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 09:50 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 09:50 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 09:50 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 09:50 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 09:50 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 09:50 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 09:50 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 09:50 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 09:50 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 09:50 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 09:50 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 09:50 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 09:50 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 09:50 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 09:50 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 09:50 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 09:50 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 09:50 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 09:50 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 09:50 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 09:50 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 09:50 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 09:50 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 09:50 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 09:50 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 09:50 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 09:50 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 09:50 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 09:50 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 09:50 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 09:50 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 09:50 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 09:50 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 09:50 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 09:50 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 09:50 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:50 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 09:50 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 09:50 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 09:50 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 09:50 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 09:50 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 09:50 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 09:50 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 09:50 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 09:50 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 09:50 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 09:50 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 09:50 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 09:50 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 09:50 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 09:50 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 09:50 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 09:50 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 09:50 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 09:50 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 09:50 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 09:50 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 09:50 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 09:50 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 09:50 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 09:50 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 09:50 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 09:50 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 09:50 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 09:50 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 09:50 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 09:50 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 09:50 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 09:50 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 09:50 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 09:50 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 09:50 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 09:50 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 09:50 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 09:50 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 09:50 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 09:50 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 09:50 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 09:50 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 09:50 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 09:50 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 09:50 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 09:50 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 09:50 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 09:50 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 09:50 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 09:50 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 09:50 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 09:50 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 09:50 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 09:50 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 09:50 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 09:49 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 09:49 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 09:49 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-07 20:30 - 2013-10-01 19:02 - 00000384 _____ () C:\Windows\Tasks\Acer Registration - Reminder Recall task.job
2015-05-07 20:12 - 2014-01-07 12:28 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-07 20:12 - 2014-01-07 12:28 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-07 19:52 - 2013-10-02 14:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-07 19:29 - 2013-09-30 12:41 - 01485407 _____ () C:\Windows\WindowsUpdate.log
2015-05-07 17:52 - 2013-09-30 22:34 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2015-05-07 17:52 - 2013-09-30 22:34 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2015-05-07 17:52 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-05 09:34 - 2009-07-14 06:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-05 09:34 - 2009-07-14 06:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-05 09:31 - 2013-10-01 08:06 - 00000000 ____D () C:\ProgramData\clear.fi
2015-05-05 09:24 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-03 13:47 - 2013-10-08 14:55 - 00000000 ____D () C:\Users\User\AppData\Roaming\MyPhoneExplorer
2015-04-27 22:25 - 2013-11-23 13:10 - 00000000 ____D () C:\Users\User\AppData\Roaming\TeamViewer
2015-04-27 22:23 - 2013-12-31 00:56 - 00000000 ____D () C:\Windows\Minidump
2015-04-27 22:23 - 2007-07-12 03:49 - 00000000 ____D () C:\Windows\Panther
2015-04-25 01:24 - 2013-11-03 18:29 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-25 01:24 - 2013-11-03 18:28 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-25 01:22 - 2013-11-03 18:28 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-23 13:51 - 2013-10-02 08:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-18 13:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-18 13:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-17 10:04 - 2013-10-02 08:46 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla
2015-04-17 09:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-16 09:44 - 2014-12-11 17:24 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 09:44 - 2014-05-06 23:56 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 09:42 - 2013-10-02 00:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-16 09:41 - 2013-10-15 14:44 - 01594892 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-16 09:36 - 2013-10-04 23:24 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 09:30 - 2013-10-04 23:24 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-16 09:30 - 2009-07-14 04:34 - 00000513 _____ () C:\Windows\win.ini
2015-04-15 09:56 - 2013-10-19 20:53 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2015-04-15 09:52 - 2013-10-02 14:14 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 09:52 - 2013-10-02 14:14 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-15 09:52 - 2013-10-02 14:14 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-07 16:21 - 2015-01-02 16:18 - 00000000 ____D () C:\Users\User\Documents\Outlook-Dateien

==================== Files in the root of some directories =======

2013-09-30 13:06 - 2013-09-30 13:08 - 0015219 _____ () C:\ProgramData\ArcadeDeluxe5.log
2011-04-20 10:03 - 2010-03-02 23:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2013-10-05 15:17 - 2013-10-05 16:08 - 0002070 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-04 10:06

==================== End Of Log ============================
--- --- ---

--- --- ---
--- --- ---

Und hier noch FRST Addition:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2015 01
Ran by User at 2015-05-07 20:39:08
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1977744977-3695908920-4128797142-500 - Administrator - Disabled)
Gast (S-1-5-21-1977744977-3695908920-4128797142-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1977744977-3695908920-4128797142-1002 - Limited - Enabled)
User (S-1-5-21-1977744977-3695908920-4128797142-1000 - Administrator - Enabled) => C:\Users\User

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 18.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.90 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1523 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1523 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3006 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3004 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}_955) (Version:  - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Suite 4 Design Standard (HKLM-x32\...\Adobe_1e3ba55b33b1e8227645fb9c82acca3) (Version: 4.0 - Adobe Systems Incorporated)
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS5 (HKLM-x32\...\{C79312BD-3E76-4474-A10C-1435D1856A4B}) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Icon Handler x64 (Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader 9.2 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.2.0 - Adobe Systems Incorporated)
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Amazon Music (HKU\S-1-5-21-1977744977-3695908920-4128797142-1000\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
Antennenzusammenschaltung (HKU\S-1-5-21-1977744977-3695908920-4128797142-1000\...\181d682792d746db) (Version: 1.0.0.3 - Antennenzusammenschaltung)
Area_Prediction_HCM (HKLM-x32\...\ST6UNST #1) (Version:  - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{1D72BF42-E249-4EB7-CC4C-8CC09DAB180B}) (Version: 3.0.812.0 - ATI Technologies, Inc.)
Backup Manager V3 (x32 Version: 3.0.0.90 - NTI Corporation) Hidden
Bizagi Modeler (HKLM-x32\...\InstallShield_{DC3F08F0-2C53-4277-9276-47F24386D4B3}) (Version: 2.9.04 - Bizagi Limited)
Bizagi Modeler (Version: 2.9.04 - Bizagi Limited) Hidden
Border (d:\) (HKLM-x32\...\ST6UNST #3) (Version:  - )
Border (HKLM-x32\...\ST6UNST #2) (Version:  - )
BufferChm (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Canon LBP5050 (HKLM\...\Canon LBP5050) (Version:  - )
Catan - Städte und Ritter (HKLM-x32\...\Catan - Staedte und Ritter) (Version: 1.229 - Catan GmbH)
ccc-core-static (x32 Version: 2011.0208.2202.39516 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cisco WebEx Meetings (HKU\S-1-5-21-1977744977-3695908920-4128797142-1000\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{F17C3DC2-2ACA-4B0E-BDBF-ACE61B14E7CD}) (Version: 1.0.183 - Citrix)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1422.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1422.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.7418 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3008 - Acer Incorporated)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
CustomerResearchQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DeviceDiscovery (x32 Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Freemake Video Converter Version 4.0.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.4 - Ellora Assets Corporation)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HcmCoverage (HKU\S-1-5-21-1977744977-3695908920-4128797142-1000\...\{HcmCoverage}}_is1) (Version: 1.0 - Knaub Maxim)
HCMPatternOptimizer3D version 1.0 (HKLM-x32\...\HCMPatternOptimizer3D_is1) (Version: 1.0 - )
HcmVisualizer version RC1 (HKLM-x32\...\HcmVisualizer_is1) (Version: RC1 - )
HP Color LaserJet CM1312 MFP Series 5.1 (HKLM\...\{8EEDB90E-6ABC-42bb-AD4C-39DEE05E3EEA}) (Version: 5.1 - HP)
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
hppCLJCM1312 (x32 Version: 005.001.00142 - Hewlett-Packard) Hidden
hppFaxDrvCM1312 (x32 Version: 005.000.00001 - Hewlett-Packard) Hidden
hppFaxUtilityCM1312 (x32 Version: 005.001.00137 - Ihr Firmenname) Hidden
hppFonts (x32 Version: 001.001.00061 - Hewlett-Packard) Hidden
hppManualsCM1312 (x32 Version: 005.001.00145 - Ihr Firmenname) Hidden
hppQFolderCM1312 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
hppScanToCM1312 (x32 Version: 005.001.00140 - Ihr Firmenname) Hidden
hppSendFaxCM1312 (x32 Version: 005.000.00001 - Ihr Firmenname) Hidden
hppusgCM1312 (x32 Version: 1.1.0.1 - Hewlett-Packard) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.4 - Acer Inc.)
MarketResearch (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
MediaEspresso (x32 Version: 1.0.1418_35759 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - German/Deutsch (HKLM-x32\...\Office14.OMUI.de-de) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
MyWinLocker (Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.11 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.4 - Notepad++ Team)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8942 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.8942 - NTI Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
OpenVPN 2.3.2-I003  (HKLM\...\OpenVPN) (Version: 2.3.2-I003 - )
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PostgreSQL 9.3  (x86) (HKLM-x32\...\PostgreSQL 9.3) (Version: 9.3 - PostgreSQL Global Development Group)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Readiris Pro 11 (HKLM-x32\...\{7C2B745A-E7F1-41F1-B9BB-3DDB8D52E4CE}) (Version: 11.00.5062 - I.R.I.S.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6329 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30123 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{F3E80B62-3C51-4940-A434-A1F517AB8D6A}) (Version:  - Microsoft)
Shredder (Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
SuperSpamKiller 2.20 (HKLM-x32\...\SuperSpamKiller) (Version:  - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.0 - Synaptics Incorporated)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.30992 - TeamViewer)
TrayApp (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
VFRUN66BI (HKLM-x32\...\VFRUN66BI) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN)
WebReg (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

27-04-2015 10:41:28 Windows Update
01-05-2015 10:08:06 Windows Update
04-05-2015 10:50:30 Windows Update
07-05-2015 12:42:27 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1F01E9BB-5B43-441B-BEC0-F05727857C29} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {23D37008-8D02-436F-B8BE-4B4F6C5FBC97} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-07] (Google Inc.)
Task: {40549354-8977-429A-A28F-A09B4A7C440F} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-02-22] (Acer Incorporated)
Task: {49F1DF80-2CED-4688-BFB1-BC3BCC61C0F9} - System32\Tasks\upfs7214 => C:\PROGRA~2\Flowsurf\upfs7214.exe <==== ATTENTION
Task: {63AFBF0A-A33C-456A-9C70-E6E22721ACAB} - System32\Tasks\Acer Registration - Reminder Recall task => C:\Program Files (x86)\Acer\Registration\GREG.exe
Task: {694E5991-4C2A-4CAF-B4C0-0CEA13338DA2} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {731359AC-FDFF-45B8-BE95-7587CA91EBED} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {9A53DD58-EFCF-40B7-BBD3-138ABCB60CCD} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {AA914546-2C40-46C7-B3DF-4CB070E2F954} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-02-22] (CyberLink Corp.)
Task: {AF4AB7A9-76FC-4A55-884B-E47BFA21E328} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {B0E84C5F-3CB8-465A-B854-1BB8D920E31E} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-02-22] (CyberLink)
Task: {D7D80000-72EF-480C-8D5F-5B9B9D8740C1} - System32\Tasks\AdobeAAMUpdater-1.0-GUDRUN-PC-User => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {DA6A65F9-1974-4870-9FAB-B0FA310CAB55} - System32\Tasks\{9279F8CE-CC10-4A7D-BE80-E226836DEB12} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {EEFD723B-A2D2-4D3A-B298-01A24121D3A8} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {FB21E480-CD4E-4A21-AD47-E51028136F40} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-07] (Google Inc.)
Task: C:\Windows\Tasks\Acer Registration - Reminder Recall task.job => C:\Program Files (x86)\Acer\Registration\GREG.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2009-01-22 01:45 - 2009-01-22 01:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2015-04-08 21:53 - 2015-04-08 21:53 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2013-08-22 15:25 - 2013-08-22 15:25 - 00411960 _____ () C:\Program Files\OpenVPN\bin\openvpn-gui.exe
2013-08-22 15:25 - 2013-08-22 15:25 - 00199336 _____ () C:\Program Files\OpenVPN\bin\liblzo2-2.dll
2013-08-22 15:25 - 2013-08-22 15:25 - 00117464 _____ () C:\Program Files\OpenVPN\bin\libpkcs11-helper-1.dll
2011-03-09 19:13 - 2011-03-09 19:13 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-03-09 19:12 - 2011-03-09 19:12 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-03-09 19:12 - 2011-03-09 19:12 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2014-03-17 12:48 - 2014-02-18 08:23 - 00138752 _____ () C:\Program Files (x86)\PostgreSQL\9.3\bin\LIBPQ.dll
2014-03-17 12:48 - 2014-02-05 08:56 - 01036800 _____ () C:\Program Files (x86)\PostgreSQL\9.3\bin\libxml2.dll
2014-10-17 22:30 - 2014-10-17 22:30 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9b1cac8d98bd69d3e56a26ff2f96f266\IsdiInterop.ni.dll
2011-04-20 09:47 - 2011-01-13 02:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-11-06 21:55 - 2009-02-27 16:39 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.deu
2011-02-22 10:01 - 2011-02-22 10:01 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-04-15 09:52 - 2015-04-15 09:52 - 16863920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1977744977-3695908920-4128797142-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.27 - 192.168.1.17

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: AdobeBridge =>
MSCONFIG\startupreg: Amazon Music => "C:\Users\User\AppData\Local\Amazon Music\Amazon Music Helper.exe"

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{00D28DA9-214B-4D40-BE5F-7CF47CF84C88}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CD1C5866-0FFC-4554-BFD5-8F1127A48257}] => (Allow) LPort=2869
FirewallRules: [{F20B317C-7057-4F42-AC80-E094A042834B}] => (Allow) LPort=1900
FirewallRules: [{3B184E2C-F802-4DF6-8D27-0126AE333B59}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{28D78D29-4396-420A-8E11-6919DD5CB4F1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe
FirewallRules: [{C1400C66-6CE5-4A3A-B46F-16DC69255E1C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
FirewallRules: [{BA17FB42-4235-4476-9A81-47CEB7FFCDFF}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{0747025A-A3FF-46DA-9C79-FB62258F75A0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{33509300-C1ED-4B2D-9B1A-BAB78392831C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{D28800D6-796A-49C2-8B0E-A587477A150A}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{1747DF51-A467-4E3B-BF59-B92EB75BD441}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{000AF178-1D40-4F50-A4F7-6BEC6B64BDF8}] => (Allow) LPort=5353
FirewallRules: [{C487ACC4-6CE0-4E9B-A705-CFEA3BF3A099}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{3E940A4D-4ACB-4F2D-913C-E6C0A688B089}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{948C184F-5786-4864-838D-88B1671B5E15}] => (Allow) LPort=3703
FirewallRules: [{630AAB4A-7509-43C9-93AE-9C1355C5D90C}] => (Allow) LPort=3704
FirewallRules: [{826D739A-99E8-4B0D-BA15-36598E106052}] => (Allow) LPort=51000
FirewallRules: [{96396652-D0B8-48C0-A69F-91ECC1883ED0}] => (Allow) LPort=51001
FirewallRules: [{F818CB74-E387-4EFA-BC31-6E28FDDFF888}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
FirewallRules: [{F1B21646-1B47-43E9-988C-71F66C05E320}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
FirewallRules: [TCP Query User{5B3CD6DF-8470-4F99-8A3F-68BE68D99F89}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{936359E6-75E1-4E23-89F4-B44C67FD1E07}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [TCP Query User{9866BF85-5FA8-46D5-BF6B-02658DEDF746}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{AB2F8A67-B53A-4891-97CB-78942FA9E4B9}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [TCP Query User{E915A12E-D320-4AF9-8E89-1F69DE26D839}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{02E98707-7E0A-463F-AE5A-222CEBED5EBD}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{4DCF80B7-0988-4D2D-8261-C7A658FD2C11}] => (Block) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{2FA0E302-7712-48DD-826B-BF14075FCA87}] => (Block) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{25F45143-6C9B-4C3F-824D-54889CB2B2A6}C:\program files (x86)\adobe\adobe dreamweaver cs5\dreamweaver.exe] => (Allow) C:\program files (x86)\adobe\adobe dreamweaver cs5\dreamweaver.exe
FirewallRules: [UDP Query User{E2D7AEEE-9EE2-430C-8AC1-269E8FA00F5E}C:\program files (x86)\adobe\adobe dreamweaver cs5\dreamweaver.exe] => (Allow) C:\program files (x86)\adobe\adobe dreamweaver cs5\dreamweaver.exe
FirewallRules: [{31DB1A31-D660-48A3-B5B3-1B3C47859212}] => (Block) C:\program files (x86)\adobe\adobe dreamweaver cs5\dreamweaver.exe
FirewallRules: [{0AC6E61F-967C-463E-8E2F-83A36C05F2E8}] => (Block) C:\program files (x86)\adobe\adobe dreamweaver cs5\dreamweaver.exe
FirewallRules: [TCP Query User{17F95F35-279B-415B-AA66-7EBA6A2C0116}C:\program files (x86)\postgresql\9.3\bin\postgres.exe] => (Block) C:\program files (x86)\postgresql\9.3\bin\postgres.exe
FirewallRules: [UDP Query User{D9430976-077F-4DA9-A5E5-C98C8421D158}C:\program files (x86)\postgresql\9.3\bin\postgres.exe] => (Block) C:\program files (x86)\postgresql\9.3\bin\postgres.exe
FirewallRules: [{703F27C9-502D-48B8-AC98-2AF3F16577B8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DDA6BCDD-069C-4EF4-A4C4-A072B5B17F93}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{F681C071-B650-45AE-B04D-F3918D432B76}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{3D0AEAF2-0981-4C49-A857-04D8469B6E23}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{006720F8-7436-4A9A-AB5F-A200CF195726}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{D8E88218-379E-44E4-8E71-E6FB3ED0693F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A7683D3B-87E4-42FD-B99C-DDA06F005F30}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{9670C7C4-E1B1-4BEA-AFEA-3A2933EB08F2}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{B6237136-73F0-430B-A021-A7622B80450D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/06/2015 10:40:28 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (05/06/2015 10:37:27 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/06/2015 08:32:59 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/05/2015 10:28:01 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (05/05/2015 10:23:47 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/05/2015 09:26:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/04/2015 10:11:03 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (05/04/2015 10:06:34 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/03/2015 11:34:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/03/2015 02:19:46 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (05/05/2015 09:34:36 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureCommand" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (05/05/2015 09:34:33 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (05/05/2015 09:26:03 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.

Error: (05/03/2015 11:35:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.

Error: (05/02/2015 07:49:36 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.

Error: (05/01/2015 09:57:28 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.

Error: (04/30/2015 09:24:12 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.

Error: (04/29/2015 00:05:53 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "ISABEL-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{99BFEFE3-2975-4846-9B93-4D8912D3C2C1}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (04/28/2015 09:13:02 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.

Error: (04/28/2015 04:46:42 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureCommand" aufgrund folgenden Fehlers fehlgeschlagen:
%%5


Microsoft Office Sessions:
=========================
Error: (05/06/2015 10:40:28 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\program files (x86)\common files\adobe air\Versions\1.0\Adobe AIR.dllc:\program files (x86)\common files\adobe air\Versions\1.0\Adobe AIR.dll3

Error: (05/06/2015 10:37:27 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe

Error: (05/06/2015 08:32:59 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe

Error: (05/05/2015 10:28:01 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\program files (x86)\common files\adobe air\Versions\1.0\Adobe AIR.dllc:\program files (x86)\common files\adobe air\Versions\1.0\Adobe AIR.dll3

Error: (05/05/2015 10:23:47 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe

Error: (05/05/2015 09:26:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/04/2015 10:11:03 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\program files (x86)\common files\adobe air\Versions\1.0\Adobe AIR.dllc:\program files (x86)\common files\adobe air\Versions\1.0\Adobe AIR.dll3

Error: (05/04/2015 10:06:34 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe

Error: (05/03/2015 11:34:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/03/2015 02:19:46 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 55%
Total physical RAM: 4077.86 MB
Available physical RAM: 1823.13 MB
Total Pagefile: 8153.91 MB
Available Pagefile: 5178.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:470.97 GB) (Free:389.59 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Volume) (Fixed) (Total:460.54 GB) (Free:193.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 4007C1E8)
Partition 1: (Active) - (Size=471 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=460.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 07.05.2015 20:35
Hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

guddy68 07.05.2015 23:07
DHL Virus
 
Danke...hier mein Bericht von mba:

Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.05.07.04
  rootkit: v2015.04.21.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17728
User :: GUDRUN-PC [administrator]

07.05.2015 21:52:45
mbar-log-2015-05-07 (21-52-45).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 379001
Time elapsed: 16 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Die ZIP Datei habe ich noch auf dem Rechner. Wie soll ich diese am Besten löschen nur via Papierkorb und dann leeren oder gibt es da was, dass die zip auch worklich gelöscht ist?

Und hier der Killer:

Code:
22:15:36.0352 0x15b0  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
22:15:40.0602 0x15b0  ============================================================
22:15:40.0602 0x15b0  Current date / time: 2015/05/07 22:15:40.0602
22:15:40.0602 0x15b0  SystemInfo:
22:15:40.0602 0x15b0 
22:15:40.0602 0x15b0  OS Version: 6.1.7601 ServicePack: 1.0
22:15:40.0602 0x15b0  Product type: Workstation
22:15:40.0602 0x15b0  ComputerName: GUDRUN-PC
22:15:40.0602 0x15b0  UserName: User
22:15:40.0602 0x15b0  Windows directory: C:\Windows
22:15:40.0602 0x15b0  System windows directory: C:\Windows
22:15:40.0602 0x15b0  Running under WOW64
22:15:40.0602 0x15b0  Processor architecture: Intel x64
22:15:40.0602 0x15b0  Number of processors: 4
22:15:40.0602 0x15b0  Page size: 0x1000
22:15:40.0602 0x15b0  Boot type: Normal boot
22:15:40.0602 0x15b0  ============================================================
22:15:40.0892 0x15b0  KLMD registered as C:\Windows\system32\drivers\15637240.sys
22:15:41.0382 0x15b0  System UUID: {B2185D57-7FB2-2FF4-97D8-184C075C7484}
22:15:42.0012 0x15b0  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:15:42.0022 0x15b0  ============================================================
22:15:42.0022 0x15b0  \Device\Harddisk0\DR0:
22:15:42.0022 0x15b0  MBR partitions:
22:15:42.0022 0x15b0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3ADEF000
22:15:42.0022 0x15b0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3ADEF800, BlocksNum 0x39916000
22:15:42.0022 0x15b0  ============================================================
22:15:42.0032 0x15b0  C: <-> \Device\Harddisk0\DR0\Partition1
22:15:42.0082 0x15b0  D: <-> \Device\Harddisk0\DR0\Partition2
22:15:42.0082 0x15b0  ============================================================
22:15:42.0082 0x15b0  Initialize success
22:15:42.0082 0x15b0  ============================================================
22:15:55.0452 0x19e4  ============================================================
22:15:55.0452 0x19e4  Scan started
22:15:55.0452 0x19e4  Mode: Manual;
22:15:55.0452 0x19e4  ============================================================
22:15:55.0452 0x19e4  KSN ping started
22:16:07.0212 0x19e4  KSN ping finished: true
22:16:07.0912 0x19e4  ================ Scan system memory ========================
22:16:07.0912 0x19e4  System memory - ok
22:16:07.0912 0x19e4  ================ Scan services =============================
22:16:08.0092 0x19e4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:16:08.0112 0x19e4  1394ohci - ok
22:16:08.0192 0x19e4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:16:08.0202 0x19e4  ACPI - ok
22:16:08.0222 0x19e4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
22:16:08.0232 0x19e4  AcpiPmi - ok
22:16:08.0312 0x19e4  [ 2F0683FD2DF1D92E891CACA14B45A8C1, B4A8D6A183FA0B7D642FAD6B51C19FEC998481E1C49480D2B391E5D8B55F5BBD ] adfs            C:\Windows\system32\drivers\adfs.sys
22:16:08.0312 0x19e4  adfs - ok
22:16:08.0462 0x19e4  [ 57A3B9A69F14414ACE12AFD6BA701773, E17FD004315B666E3A880C987A83A2B6C6156C3D6E9550AAC6F686348F7CE7AC ] Adobe Version Cue CS4 C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
22:16:08.0472 0x19e4  Adobe Version Cue CS4 - ok
22:16:08.0582 0x19e4  [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:16:08.0592 0x19e4  AdobeFlashPlayerUpdateSvc - ok
22:16:08.0652 0x19e4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
22:16:08.0672 0x19e4  adp94xx - ok
22:16:08.0742 0x19e4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci        C:\Windows\system32\drivers\adpahci.sys
22:16:08.0752 0x19e4  adpahci - ok
22:16:08.0772 0x19e4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320        C:\Windows\system32\drivers\adpu320.sys
22:16:08.0772 0x19e4  adpu320 - ok
22:16:08.0802 0x19e4  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
22:16:08.0802 0x19e4  AeLookupSvc - ok
22:16:08.0862 0x19e4  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD            C:\Windows\system32\drivers\afd.sys
22:16:08.0882 0x19e4  AFD - ok
22:16:08.0912 0x19e4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
22:16:08.0912 0x19e4  agp440 - ok
22:16:08.0932 0x19e4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG            C:\Windows\System32\alg.exe
22:16:08.0932 0x19e4  ALG - ok
22:16:08.0962 0x19e4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:16:08.0962 0x19e4  aliide - ok
22:16:09.0002 0x19e4  [ E4DA723458A20FBA693FB1F5924483DB, 693E00821E93D8908AEAF134F0DB4A2CCC0F00AC7731E4BB98A2A14004F03EF1 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:16:09.0012 0x19e4  AMD External Events Utility - ok
22:16:09.0022 0x19e4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
22:16:09.0022 0x19e4  amdide - ok
22:16:09.0032 0x19e4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8          C:\Windows\system32\drivers\amdk8.sys
22:16:09.0032 0x19e4  AmdK8 - ok
22:16:09.0322 0x19e4  [ F894BFB5817718D50CE0122B7806B457, 11D6E7487D22EAD0B52B85AF31A05C7A0B95B93C4645CDCB7266B8B851A59B05 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
22:16:09.0572 0x19e4  amdkmdag - ok
22:16:09.0602 0x19e4  [ B12E7BE6715F3EE1A913A806F6B0AB94, 64211723EEA5FCF97E76EF81AE51412FD1E37CFB05EC0D772F3B4CB5450DA737 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
22:16:09.0602 0x19e4  amdkmdap - ok
22:16:09.0632 0x19e4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
22:16:09.0642 0x19e4  AmdPPM - ok
22:16:09.0682 0x19e4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
22:16:09.0692 0x19e4  amdsata - ok
22:16:09.0732 0x19e4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
22:16:09.0742 0x19e4  amdsbs - ok
22:16:09.0762 0x19e4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata        C:\Windows\system32\drivers\amdxata.sys
22:16:09.0762 0x19e4  amdxata - ok
22:16:09.0822 0x19e4  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID          C:\Windows\system32\drivers\appid.sys
22:16:09.0832 0x19e4  AppID - ok
22:16:09.0872 0x19e4  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:16:09.0882 0x19e4  AppIDSvc - ok
22:16:09.0912 0x19e4  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo        C:\Windows\System32\appinfo.dll
22:16:09.0922 0x19e4  Appinfo - ok
22:16:09.0942 0x19e4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc            C:\Windows\system32\drivers\arc.sys
22:16:09.0942 0x19e4  arc - ok
22:16:09.0962 0x19e4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:16:09.0962 0x19e4  arcsas - ok
22:16:10.0082 0x19e4  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:16:10.0082 0x19e4  aspnet_state - ok
22:16:10.0122 0x19e4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:16:10.0122 0x19e4  AsyncMac - ok
22:16:10.0172 0x19e4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi          C:\Windows\system32\drivers\atapi.sys
22:16:10.0172 0x19e4  atapi - ok
22:16:10.0312 0x19e4  [ C8679A07267F030704168E45E27C3D43, E682D9B6439D8F8ED17D9A5536154ED6BA99EE22DD4885CFB7F442D15BB81477 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
22:16:10.0362 0x19e4  athr - ok
22:16:10.0512 0x19e4  [ 4BF5BCA6E2608CD8A00BC4A6673A9F47, 172240231981162F67DD2CF13C6D8C807EFFCE9C24B476F2942BC3E1F41C1A71 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
22:16:10.0522 0x19e4  AtiHDAudioService - ok
22:16:10.0702 0x19e4  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:16:10.0722 0x19e4  AudioEndpointBuilder - ok
22:16:10.0732 0x19e4  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
22:16:10.0752 0x19e4  AudioSrv - ok
22:16:10.0792 0x19e4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:16:10.0792 0x19e4  AxInstSV - ok
22:16:10.0862 0x19e4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv        C:\Windows\system32\drivers\bxvbda.sys
22:16:10.0882 0x19e4  b06bdrv - ok
22:16:10.0922 0x19e4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
22:16:10.0932 0x19e4  b57nd60a - ok
22:16:11.0142 0x19e4  [ 85111026F1C5A1C4CCE3697F0DA7BC1A, 13C4BE5A017E641F9B9AD4867C91B52C9FD4ADBABBD4447EC9C3AB5DF4852C9E ] BCM43XX        C:\Windows\system32\DRIVERS\bcmwl664.sys
22:16:11.0232 0x19e4  BCM43XX - ok
22:16:11.0272 0x19e4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:16:11.0272 0x19e4  BDESVC - ok
22:16:11.0282 0x19e4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:16:11.0282 0x19e4  Beep - ok
22:16:11.0322 0x19e4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE            C:\Windows\System32\bfe.dll
22:16:11.0342 0x19e4  BFE - ok
22:16:11.0382 0x19e4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
22:16:11.0402 0x19e4  BITS - ok
22:16:11.0452 0x19e4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
22:16:11.0452 0x19e4  blbdrive - ok
22:16:11.0472 0x19e4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:16:11.0482 0x19e4  bowser - ok
22:16:11.0502 0x19e4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
22:16:11.0502 0x19e4  BrFiltLo - ok
22:16:11.0512 0x19e4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
22:16:11.0522 0x19e4  BrFiltUp - ok
22:16:11.0552 0x19e4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser        C:\Windows\System32\browser.dll
22:16:11.0552 0x19e4  Browser - ok
22:16:11.0582 0x19e4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
22:16:11.0592 0x19e4  Brserid - ok
22:16:11.0592 0x19e4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:16:11.0602 0x19e4  BrSerWdm - ok
22:16:11.0612 0x19e4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:16:11.0612 0x19e4  BrUsbMdm - ok
22:16:11.0612 0x19e4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:16:11.0612 0x19e4  BrUsbSer - ok
22:16:11.0632 0x19e4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
22:16:11.0632 0x19e4  BTHMODEM - ok
22:16:11.0662 0x19e4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv        C:\Windows\system32\bthserv.dll
22:16:11.0662 0x19e4  bthserv - ok
22:16:11.0682 0x19e4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:16:11.0682 0x19e4  cdfs - ok
22:16:11.0722 0x19e4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
22:16:11.0722 0x19e4  cdrom - ok
22:16:11.0762 0x19e4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc    C:\Windows\System32\certprop.dll
22:16:11.0762 0x19e4  CertPropSvc - ok
22:16:11.0792 0x19e4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
22:16:11.0792 0x19e4  circlass - ok
22:16:11.0852 0x19e4  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
22:16:11.0872 0x19e4  CLFS - ok
22:16:11.0942 0x19e4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:16:11.0952 0x19e4  clr_optimization_v2.0.50727_32 - ok
22:16:11.0982 0x19e4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:16:11.0992 0x19e4  clr_optimization_v2.0.50727_64 - ok
22:16:12.0062 0x19e4  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:16:12.0062 0x19e4  clr_optimization_v4.0.30319_32 - ok
22:16:12.0092 0x19e4  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:16:12.0102 0x19e4  clr_optimization_v4.0.30319_64 - ok
22:16:12.0142 0x19e4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
22:16:12.0142 0x19e4  CmBatt - ok
22:16:12.0172 0x19e4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:16:12.0172 0x19e4  cmdide - ok
22:16:12.0252 0x19e4  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG            C:\Windows\system32\Drivers\cng.sys
22:16:12.0262 0x19e4  CNG - ok
22:16:12.0302 0x19e4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
22:16:12.0302 0x19e4  Compbatt - ok
22:16:12.0332 0x19e4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
22:16:12.0332 0x19e4  CompositeBus - ok
22:16:12.0352 0x19e4  COMSysApp - ok
22:16:12.0372 0x19e4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
22:16:12.0382 0x19e4  crcdisk - ok
22:16:12.0432 0x19e4  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:16:12.0442 0x19e4  CryptSvc - ok
22:16:12.0482 0x19e4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:16:12.0492 0x19e4  DcomLaunch - ok
22:16:12.0532 0x19e4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc      C:\Windows\System32\defragsvc.dll
22:16:12.0542 0x19e4  defragsvc - ok
22:16:12.0562 0x19e4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:16:12.0562 0x19e4  DfsC - ok
22:16:12.0582 0x19e4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:16:12.0592 0x19e4  Dhcp - ok
22:16:12.0632 0x19e4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
22:16:12.0632 0x19e4  discache - ok
22:16:12.0672 0x19e4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
22:16:12.0672 0x19e4  Disk - ok
22:16:12.0712 0x19e4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:16:12.0722 0x19e4  Dnscache - ok
22:16:12.0752 0x19e4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc        C:\Windows\System32\dot3svc.dll
22:16:12.0762 0x19e4  dot3svc - ok
22:16:12.0782 0x19e4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS            C:\Windows\system32\dps.dll
22:16:12.0792 0x19e4  DPS - ok
22:16:12.0832 0x19e4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
22:16:12.0832 0x19e4  drmkaud - ok
22:16:12.0912 0x19e4  [ 4AB2A58816CC6BE771F1D8C768B804C5, 8D4D33D68D13A7EB0114959DAE841411961C18C6EDF8E1559649903D20BD3D50 ] DsiWMIService  C:\Program Files (x86)\Launch Manager\dsiwmis.exe
22:16:12.0932 0x19e4  DsiWMIService - ok
22:16:13.0012 0x19e4  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
22:16:13.0032 0x19e4  DXGKrnl - ok
22:16:13.0072 0x19e4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost        C:\Windows\System32\eapsvc.dll
22:16:13.0072 0x19e4  EapHost - ok
22:16:13.0252 0x19e4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv          C:\Windows\system32\drivers\evbda.sys
22:16:13.0312 0x19e4  ebdrv - ok
22:16:13.0352 0x19e4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] EFS            C:\Windows\System32\lsass.exe
22:16:13.0362 0x19e4  EFS - ok
22:16:13.0442 0x19e4  [ 03E6888DA1A85ACF14AC2A3C328A9E62, 120A7A10F6DAC991B91BFEC5430FD9F929E173AB513891B229F19A9BA4EC3998 ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
22:16:13.0452 0x19e4  EgisTec Ticket Service - ok
22:16:13.0542 0x19e4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
22:16:13.0552 0x19e4  ehRecvr - ok
22:16:13.0572 0x19e4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched        C:\Windows\ehome\ehsched.exe
22:16:13.0582 0x19e4  ehSched - ok
22:16:13.0632 0x19e4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor        C:\Windows\system32\drivers\elxstor.sys
22:16:13.0642 0x19e4  elxstor - ok
22:16:13.0812 0x19e4  [ EB1C213A8550F066B2CCC29C9F41E2AE, D23E92EA5389F4FD1B3157FD611AC5301384DB21BAE5E935D507548CB2E49CDC ] ePowerSvc      C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
22:16:13.0822 0x19e4  ePowerSvc - ok
22:16:13.0842 0x19e4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:16:13.0852 0x19e4  ErrDev - ok
22:16:13.0882 0x19e4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem    C:\Windows\system32\es.dll
22:16:13.0892 0x19e4  EventSystem - ok
22:16:13.0922 0x19e4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat          C:\Windows\system32\drivers\exfat.sys
22:16:13.0932 0x19e4  exfat - ok
22:16:13.0962 0x19e4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
22:16:13.0972 0x19e4  fastfat - ok
22:16:14.0052 0x19e4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax            C:\Windows\system32\fxssvc.exe
22:16:14.0062 0x19e4  Fax - ok
22:16:14.0072 0x19e4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc            C:\Windows\system32\drivers\fdc.sys
22:16:14.0082 0x19e4  fdc - ok
22:16:14.0102 0x19e4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost        C:\Windows\system32\fdPHost.dll
22:16:14.0102 0x19e4  fdPHost - ok
22:16:14.0122 0x19e4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:16:14.0122 0x19e4  FDResPub - ok
22:16:14.0132 0x19e4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:16:14.0132 0x19e4  FileInfo - ok
22:16:14.0142 0x19e4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
22:16:14.0142 0x19e4  Filetrace - ok
22:16:14.0202 0x19e4  [ 1F63900E2EB00101B9ACA2B7A870704E, 5AFE1FC852937FECE6B33147BD0110436FE97F33BFDA3F69B1F5EDAD6FFC09C6 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
22:16:14.0212 0x19e4  FLEXnet Licensing Service - ok
22:16:14.0342 0x19e4  [ 1C3FB052A0BB72EDAED90785C34D6EED, 5300A82D1A79EBA1768F545E73974E3B8CE189AB39CDF905BF42AFA2E497186B ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
22:16:14.0382 0x19e4  FLEXnet Licensing Service 64 - ok
22:16:14.0402 0x19e4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
22:16:14.0402 0x19e4  flpydisk - ok
22:16:14.0442 0x19e4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:16:14.0462 0x19e4  FltMgr - ok
22:16:14.0552 0x19e4  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache      C:\Windows\system32\FntCache.dll
22:16:14.0582 0x19e4  FontCache - ok
22:16:14.0642 0x19e4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:16:14.0642 0x19e4  FontCache3.0.0.0 - ok
22:16:14.0672 0x19e4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
22:16:14.0682 0x19e4  FsDepends - ok
22:16:14.0702 0x19e4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:16:14.0702 0x19e4  Fs_Rec - ok
22:16:14.0762 0x19e4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:16:14.0772 0x19e4  fvevol - ok
22:16:14.0802 0x19e4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
22:16:14.0802 0x19e4  gagp30kx - ok
22:16:14.0862 0x19e4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc          C:\Windows\System32\gpsvc.dll
22:16:14.0882 0x19e4  gpsvc - ok
22:16:14.0952 0x19e4  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:16:14.0962 0x19e4  gupdate - ok
22:16:14.0982 0x19e4  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:16:14.0992 0x19e4  gupdatem - ok
22:16:15.0002 0x19e4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:16:15.0012 0x19e4  hcw85cir - ok
22:16:15.0062 0x19e4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:16:15.0072 0x19e4  HdAudAddService - ok
22:16:15.0112 0x19e4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
22:16:15.0112 0x19e4  HDAudBus - ok
22:16:15.0122 0x19e4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt        C:\Windows\system32\drivers\HidBatt.sys
22:16:15.0132 0x19e4  HidBatt - ok
22:16:15.0142 0x19e4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
22:16:15.0142 0x19e4  HidBth - ok
22:16:15.0152 0x19e4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr          C:\Windows\system32\drivers\hidir.sys
22:16:15.0152 0x19e4  HidIr - ok
22:16:15.0172 0x19e4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv        C:\Windows\system32\hidserv.dll
22:16:15.0172 0x19e4  hidserv - ok
22:16:15.0202 0x19e4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:16:15.0212 0x19e4  HidUsb - ok
22:16:15.0242 0x19e4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:16:15.0242 0x19e4  hkmsvc - ok
22:16:15.0272 0x19e4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:16:15.0282 0x19e4  HomeGroupListener - ok
22:16:15.0332 0x19e4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:16:15.0342 0x19e4  HomeGroupProvider - ok
22:16:15.0392 0x19e4  [ DBD2BB97A574FC565B1EB5C0A03F917A, 3946F8F95C3A7371E168BC82F068E7F830A07FD545A16F47336902E174E0370A ] HPEWSFXBULK    C:\Windows\system32\drivers\hpfx64bulk.sys
22:16:15.0392 0x19e4  HPEWSFXBULK - ok
22:16:15.0422 0x19e4  [ DBD2BB97A574FC565B1EB5C0A03F917A, 3946F8F95C3A7371E168BC82F068E7F830A07FD545A16F47336902E174E0370A ] HPFXBULK        C:\Windows\system32\drivers\hpfx64bulk.sys
22:16:15.0422 0x19e4  HPFXBULK - ok
22:16:15.0462 0x19e4  [ 219C2A07FD07023D3905C332BF6F9BA8, D1648BB751909470D307A915F07B4F54282B94E159378CC7118D6F32478020E9 ] HPFXFAX        C:\Windows\system32\drivers\hpfx64fax.sys
22:16:15.0462 0x19e4  HPFXFAX - ok
22:16:15.0592 0x19e4  [ F50F7984FDD151EDD8A70A8DBD9E2A44, 45E7ECA40298B233D124993D6C9D4FBBF05E9A843F4DE089317342B3D8A83696 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
22:16:15.0602 0x19e4  hpqcxs08 - ok
22:16:15.0622 0x19e4  [ DF446BA625CC441617843E87798CE048, B45C11EEA7EA792DE82E9BB283B9DCF30F891AAB8366075856BD84D10BCBCCD3 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
22:16:15.0632 0x19e4  hpqddsvc - ok
22:16:15.0662 0x19e4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:16:15.0672 0x19e4  HpSAMD - ok
22:16:15.0752 0x19e4  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:16:15.0782 0x19e4  HTTP - ok
22:16:15.0792 0x19e4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:16:15.0792 0x19e4  hwpolicy - ok
22:16:15.0852 0x19e4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
22:16:15.0852 0x19e4  i8042prt - ok
22:16:15.0892 0x19e4  [ D469B77687E12FE43E344806740B624D, DFDD486FD040813BF4E5DDB504CF9E0BFBF6D4E540DDDA4829F9B675ACF63E89 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
22:16:15.0902 0x19e4  iaStor - ok
22:16:15.0992 0x19e4  [ 983FC69644DDF0486C8DFEA262948D1A, 329EC95117C31E61F6D22D79CFF339D70A70522710E7DC0CED06EC95E6D4B34F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:16:15.0992 0x19e4  IAStorDataMgrSvc - ok
22:16:16.0062 0x19e4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
22:16:16.0082 0x19e4  iaStorV - ok
22:16:16.0162 0x19e4  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
22:16:16.0162 0x19e4  IDriverT - ok
22:16:16.0272 0x19e4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:16:16.0302 0x19e4  idsvc - ok
22:16:16.0332 0x19e4  IEEtwCollectorService - ok
22:16:16.0352 0x19e4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
22:16:16.0352 0x19e4  iirsp - ok
22:16:16.0422 0x19e4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
22:16:16.0442 0x19e4  IKEEXT - ok
22:16:16.0632 0x19e4  [ B60ACCD29F8FAFC4A6344CD2BD5CA3A5, C4AD62778FED37BD854AF0F115CFFD6E62995E2B8720E620995DA2BDC191AFC3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:16:16.0682 0x19e4  IntcAzAudAddService - ok
22:16:16.0702 0x19e4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:16:16.0702 0x19e4  intelide - ok
22:16:16.0752 0x19e4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:16:16.0752 0x19e4  intelppm - ok
22:16:16.0802 0x19e4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
22:16:16.0812 0x19e4  IPBusEnum - ok
22:16:16.0842 0x19e4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:16:16.0842 0x19e4  IpFilterDriver - ok
22:16:16.0892 0x19e4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:16:16.0922 0x19e4  iphlpsvc - ok
22:16:16.0932 0x19e4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
22:16:16.0942 0x19e4  IPMIDRV - ok
22:16:16.0952 0x19e4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
22:16:16.0962 0x19e4  IPNAT - ok
22:16:16.0992 0x19e4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:16:16.0992 0x19e4  IRENUM - ok
22:16:17.0012 0x19e4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:16:17.0012 0x19e4  isapnp - ok
22:16:17.0032 0x19e4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:16:17.0042 0x19e4  iScsiPrt - ok
22:16:17.0062 0x19e4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:16:17.0062 0x19e4  kbdclass - ok
22:16:17.0072 0x19e4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:16:17.0082 0x19e4  kbdhid - ok
22:16:17.0102 0x19e4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] KeyIso          C:\Windows\system32\lsass.exe
22:16:17.0112 0x19e4  KeyIso - ok
22:16:17.0152 0x19e4  [ 063C09DB965E3DFD6F4F08416F6DB8F5, 0BE015C59288397536B3941BA55EFE0CF06714BC43FF3A33A1D844B4E0F16097 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:16:17.0162 0x19e4  KSecDD - ok
22:16:17.0212 0x19e4  [ 1FA627E63195BF3BF636BFEF0D7190D4, 794456605303F4916E81BE899E0B05CB070094E719ADA8BE8072A761E35CA8E9 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
22:16:17.0222 0x19e4  KSecPkg - ok
22:16:17.0252 0x19e4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
22:16:17.0252 0x19e4  ksthunk - ok
22:16:17.0302 0x19e4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm          C:\Windows\system32\msdtckrm.dll
22:16:17.0322 0x19e4  KtmRm - ok
22:16:17.0362 0x19e4  [ 0E154DA6CA9105354A07D0C576804037, 10A7F6E2A031C2D96B362411DCA2C347E7D7B6ADED9021674E0E633AB9F45D7B ] L1C            C:\Windows\system32\DRIVERS\L1C62x64.sys
22:16:17.0362 0x19e4  L1C - ok
22:16:17.0422 0x19e4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:16:17.0442 0x19e4  LanmanServer - ok
22:16:17.0472 0x19e4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:16:17.0472 0x19e4  LanmanWorkstation - ok
22:16:17.0542 0x19e4  [ 93B73DED2BC688F140C6AE2FBAD45789, B6859BC5D309B99BCCDC3717108B714497AAE9C5B26CE5B201344A41FC4CFF9D ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
22:16:17.0562 0x19e4  Live Updater Service - ok
22:16:17.0602 0x19e4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:16:17.0602 0x19e4  lltdio - ok
22:16:17.0652 0x19e4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
22:16:17.0662 0x19e4  lltdsvc - ok
22:16:17.0672 0x19e4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts        C:\Windows\System32\lmhsvc.dll
22:16:17.0672 0x19e4  lmhosts - ok
22:16:17.0732 0x19e4  [ 50C7CE53EF461870410355F1F2E7D515, D6E84C63D74E4603D37FD7CC88BF51DE23CD17DB1D1AD4ADBED62F949F3C470C ] LMS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:16:17.0742 0x19e4  LMS - ok
22:16:17.0772 0x19e4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
22:16:17.0772 0x19e4  LSI_FC - ok
22:16:17.0802 0x19e4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
22:16:17.0802 0x19e4  LSI_SAS - ok
22:16:17.0822 0x19e4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
22:16:17.0832 0x19e4  LSI_SAS2 - ok
22:16:17.0842 0x19e4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
22:16:17.0842 0x19e4  LSI_SCSI - ok
22:16:17.0872 0x19e4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv          C:\Windows\system32\drivers\luafv.sys
22:16:17.0872 0x19e4  luafv - ok
22:16:17.0902 0x19e4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
22:16:17.0902 0x19e4  Mcx2Svc - ok
22:16:17.0922 0x19e4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas        C:\Windows\system32\drivers\megasas.sys
22:16:17.0922 0x19e4  megasas - ok
22:16:17.0962 0x19e4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
22:16:17.0962 0x19e4  MegaSR - ok
22:16:18.0012 0x19e4  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\drivers\HECIx64.sys
22:16:18.0022 0x19e4  MEIx64 - ok
22:16:18.0112 0x19e4  Microsoft SharePoint Workspace Audit Service - ok
22:16:18.0142 0x19e4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS          C:\Windows\system32\mmcss.dll
22:16:18.0142 0x19e4  MMCSS - ok
22:16:18.0172 0x19e4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem          C:\Windows\system32\drivers\modem.sys
22:16:18.0172 0x19e4  Modem - ok
22:16:18.0192 0x19e4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
22:16:18.0202 0x19e4  monitor - ok
22:16:18.0222 0x19e4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:16:18.0222 0x19e4  mouclass - ok
22:16:18.0262 0x19e4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:16:18.0262 0x19e4  mouhid - ok
22:16:18.0292 0x19e4  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:16:18.0302 0x19e4  mountmgr - ok
22:16:18.0372 0x19e4  [ 03D14BF1DC59130002F6B8BA3AD89DB9, 1729CCD8AAF51CDB86ED67569974D0B6B1CFFA5F90EF6E6004B0D8A305D88C27 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:16:18.0382 0x19e4  MozillaMaintenance - ok
22:16:18.0482 0x19e4  [ FBA4CDA6B3B00D7A116DCC2B5C7E9790, FE909159323290555971F031E7911DCCD035B873E630A230A660C13D57719206 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
22:16:18.0492 0x19e4  MpFilter - ok
22:16:18.0502 0x19e4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:16:18.0512 0x19e4  mpio - ok
22:16:18.0532 0x19e4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:16:18.0532 0x19e4  mpsdrv - ok
22:16:18.0592 0x19e4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:16:18.0612 0x19e4  MpsSvc - ok
22:16:18.0642 0x19e4  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:16:18.0642 0x19e4  MRxDAV - ok
22:16:18.0672 0x19e4  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:16:18.0682 0x19e4  mrxsmb - ok
22:16:18.0722 0x19e4  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:16:18.0722 0x19e4  mrxsmb10 - ok
22:16:18.0742 0x19e4  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:16:18.0742 0x19e4  mrxsmb20 - ok
22:16:18.0762 0x19e4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:16:18.0772 0x19e4  msahci - ok
22:16:18.0792 0x19e4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
22:16:18.0802 0x19e4  msdsm - ok
22:16:18.0822 0x19e4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC          C:\Windows\System32\msdtc.exe
22:16:18.0822 0x19e4  MSDTC - ok
22:16:18.0842 0x19e4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:16:18.0842 0x19e4  Msfs - ok
22:16:18.0872 0x19e4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
22:16:18.0872 0x19e4  mshidkmdf - ok
22:16:18.0882 0x19e4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:16:18.0882 0x19e4  msisadrv - ok
22:16:18.0912 0x19e4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
22:16:18.0912 0x19e4  MSiSCSI - ok
22:16:18.0922 0x19e4  msiserver - ok
22:16:18.0952 0x19e4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
22:16:18.0952 0x19e4  MSKSSRV - ok
22:16:19.0032 0x19e4  [ F46BA4E7F4A34295B20917CD77F6CEC9, 1A91AC1AC1FBFC6922D0430D752240A91C9001373B1F84F960FDE0AC062A411A ] MsMpSvc        c:\Program Files\Microsoft Security Client\MsMpEng.exe
22:16:19.0032 0x19e4  MsMpSvc - ok
22:16:19.0052 0x19e4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:16:19.0052 0x19e4  MSPCLOCK - ok
22:16:19.0072 0x19e4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
22:16:19.0072 0x19e4  MSPQM - ok
22:16:19.0102 0x19e4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
22:16:19.0112 0x19e4  MsRPC - ok
22:16:19.0122 0x19e4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
22:16:19.0122 0x19e4  mssmbios - ok
22:16:19.0142 0x19e4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
22:16:19.0142 0x19e4  MSTEE - ok
22:16:19.0152 0x19e4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
22:16:19.0152 0x19e4  MTConfig - ok
22:16:19.0172 0x19e4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup            C:\Windows\system32\Drivers\mup.sys
22:16:19.0172 0x19e4  Mup - ok
22:16:19.0192 0x19e4  [ 9B1EAC6FAF6F37305E822F5588DC8056, AE0DC044159BB03EE8A39AE0682C8F6A78D89AD5A6192E7006D75850ECD50E9D ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
22:16:19.0192 0x19e4  mwlPSDFilter - ok
22:16:19.0202 0x19e4  [ AD55C1524B296280ED9C6E0D730D35DA, 8E5F9652CFCB325E131CEB2E4871126EB6F940DF7894B2E7F8241F1EF69920ED ] mwlPSDNServ    C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
22:16:19.0202 0x19e4  mwlPSDNServ - ok
22:16:19.0222 0x19e4  [ 2B599E6EC8843637BDD62E7F8F3BA201, 51EE657FC6CA4F2BCC24573B27379231EF30920A559423A860A278C59F4B9F98 ] mwlPSDVDisk    C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
22:16:19.0222 0x19e4  mwlPSDVDisk - ok
22:16:19.0282 0x19e4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
22:16:19.0302 0x19e4  napagent - ok
22:16:19.0382 0x19e4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
22:16:19.0392 0x19e4  NativeWifiP - ok
22:16:19.0492 0x19e4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:16:19.0512 0x19e4  NDIS - ok
22:16:19.0562 0x19e4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
22:16:19.0562 0x19e4  NdisCap - ok
22:16:19.0582 0x19e4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:16:19.0582 0x19e4  NdisTapi - ok
22:16:19.0622 0x19e4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
22:16:19.0632 0x19e4  Ndisuio - ok
22:16:19.0652 0x19e4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
22:16:19.0662 0x19e4  NdisWan - ok
22:16:19.0682 0x19e4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
22:16:19.0692 0x19e4  NDProxy - ok
22:16:19.0732 0x19e4  [ 00BF813976F87A012DF7C44E0B91F750, 05FE8218894460471E61AD62E18624497156CCAC6DBCAF693B563310468B09A6 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
22:16:19.0732 0x19e4  Net Driver HPZ12 - ok
22:16:19.0742 0x19e4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
22:16:19.0742 0x19e4  NetBIOS - ok
22:16:19.0762 0x19e4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
22:16:19.0772 0x19e4  NetBT - ok
22:16:19.0782 0x19e4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] Netlogon        C:\Windows\system32\lsass.exe
22:16:19.0782 0x19e4  Netlogon - ok
22:16:19.0832 0x19e4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
22:16:19.0842 0x19e4  Netman - ok
22:16:19.0922 0x19e4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:16:19.0932 0x19e4  NetMsmqActivator - ok
22:16:19.0932 0x19e4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:16:19.0942 0x19e4  NetPipeActivator - ok
22:16:19.0962 0x19e4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
22:16:19.0972 0x19e4  netprofm - ok
22:16:19.0972 0x19e4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:16:19.0982 0x19e4  NetTcpActivator - ok
22:16:19.0982 0x19e4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:16:19.0992 0x19e4  NetTcpPortSharing - ok
22:16:20.0012 0x19e4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
22:16:20.0012 0x19e4  nfrd960 - ok
22:16:20.0062 0x19e4  [ E10B84385C3FEEF4BDE8E6A980535522, 56D9E47B76CDABE45E64C9E74DCBCC2F7C07A44519ED938BD730018C48445614 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:16:20.0062 0x19e4  NisDrv - ok
22:16:20.0102 0x19e4  [ 9BF50324444C46997C2492D505B47F2D, 42C74456C64F7D688E0911255746BD2A52A3590AED22B24F7E385760D720B8E9 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
22:16:20.0102 0x19e4  NisSrv - ok
22:16:20.0162 0x19e4  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:16:20.0182 0x19e4  NlaSvc - ok
22:16:20.0232 0x19e4  [ 1381E95D4E0F94F22DD484B5F8C1D61D, E91C10A62E3B5A610063F48354C6F4A1AAB7300A69EAD59E89ED8EEFDBD99062 ] nmwcd          C:\Windows\system32\drivers\ccdcmbx64.sys
22:16:20.0232 0x19e4  nmwcd - ok
22:16:20.0272 0x19e4  [ 205510CDB7B6084BF31760B5D06F9242, F3EAC6A7127DC5A0FEE7A9AFA561A8CA9B6E83FECCD731C890E85C33514B533B ] nmwcdc          C:\Windows\system32\drivers\ccdcmbox64.sys
22:16:20.0272 0x19e4  nmwcdc - ok
22:16:20.0292 0x19e4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:16:20.0292 0x19e4  Npfs - ok
22:16:20.0322 0x19e4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi            C:\Windows\system32\nsisvc.dll
22:16:20.0322 0x19e4  nsi - ok
22:16:20.0342 0x19e4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:16:20.0342 0x19e4  nsiproxy - ok
22:16:20.0462 0x19e4  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:16:20.0492 0x19e4  Ntfs - ok
22:16:20.0552 0x19e4  [ 6CC09D2F0BA4A09BABC3C41B8FD888F7, 25E8E30575EF2A20600509FD74B18E90D497B742ABAF946073128EA8DEFE5F54 ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
22:16:20.0562 0x19e4  NTI IScheduleSvc - ok
22:16:20.0582 0x19e4  [ EE3BA1024594D5D09E314F206B94069E, 34C8EC3DF1C3088D8A0442CAA4F5506665AFB2DF016709457ED2AB7DA45F53A6 ] NTIDrvr        C:\Windows\system32\drivers\NTIDrvr.sys
22:16:20.0582 0x19e4  NTIDrvr - ok
22:16:20.0602 0x19e4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
22:16:20.0602 0x19e4  Null - ok
22:16:20.0632 0x19e4  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
22:16:20.0632 0x19e4  nusb3hub - ok
22:16:20.0652 0x19e4  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
22:16:20.0672 0x19e4  nusb3xhc - ok
22:16:20.0702 0x19e4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:16:20.0712 0x19e4  nvraid - ok
22:16:20.0742 0x19e4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:16:20.0752 0x19e4  nvstor - ok
22:16:20.0772 0x19e4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:16:20.0772 0x19e4  nv_agp - ok
22:16:20.0792 0x19e4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:16:20.0792 0x19e4  ohci1394 - ok
22:16:20.0852 0x19e4  [ 6F722C84CCCEF77A871D0F7E50AB25EB, F81F33DC8C20A6C331B1F7006B124F2FB9B7297E0C37CB7272A4074C2D19856C ] OpenVPNService  C:\Program Files\OpenVPN\bin\openvpnserv.exe
22:16:20.0852 0x19e4  OpenVPNService - ok
22:16:20.0932 0x19e4  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:16:20.0942 0x19e4  ose - ok
22:16:21.0192 0x19e4  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:16:21.0272 0x19e4  osppsvc - ok
22:16:21.0322 0x19e4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:16:21.0332 0x19e4  p2pimsvc - ok
22:16:21.0352 0x19e4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
22:16:21.0362 0x19e4  p2psvc - ok
22:16:21.0392 0x19e4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport        C:\Windows\system32\drivers\parport.sys
22:16:21.0392 0x19e4  Parport - ok
22:16:21.0412 0x19e4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr        C:\Windows\system32\drivers\partmgr.sys
22:16:21.0412 0x19e4  partmgr - ok
22:16:21.0462 0x19e4  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:16:21.0472 0x19e4  PcaSvc - ok
22:16:21.0542 0x19e4  [ 3FDE033DFB0D07F8B7D5C9A3044AA121, 2C23B4FA34BA3060884B0168A830DD395A3853855CD6DF4065FBB303DFB4A87E ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
22:16:21.0542 0x19e4  pccsmcfd - ok
22:16:21.0572 0x19e4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci            C:\Windows\system32\drivers\pci.sys
22:16:21.0582 0x19e4  pci - ok
22:16:21.0602 0x19e4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:16:21.0602 0x19e4  pciide - ok
22:16:21.0632 0x19e4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:16:21.0642 0x19e4  pcmcia - ok
22:16:21.0662 0x19e4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw            C:\Windows\system32\drivers\pcw.sys
22:16:21.0662 0x19e4  pcw - ok
22:16:21.0732 0x19e4  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:16:21.0742 0x19e4  PEAUTH - ok
22:16:21.0822 0x19e4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:16:21.0822 0x19e4  PerfHost - ok
22:16:21.0912 0x19e4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla            C:\Windows\system32\pla.dll
22:16:21.0942 0x19e4  pla - ok
22:16:22.0032 0x19e4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:16:22.0042 0x19e4  PlugPlay - ok
22:16:22.0092 0x19e4  [ 0272AE40FE4C117E43F2F24820F93AA5, EECE10CA064D4A6C4ACB6F8AE98C886B19485B15D5EC5104F2A3FC3561C361BF ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
22:16:22.0102 0x19e4  Pml Driver HPZ12 - ok
22:16:22.0122 0x19e4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
22:16:22.0122 0x19e4  PNRPAutoReg - ok
22:16:22.0172 0x19e4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
22:16:22.0182 0x19e4  PNRPsvc - ok
22:16:22.0222 0x19e4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
22:16:22.0232 0x19e4  PolicyAgent - ok
22:16:22.0362 0x19e4  [ F5BDF41E927613E6ED4FD42376F444A3, B6C7FB060AEDE70B6CF62D13FD8FA2007F368C0E9E2F8A55C3BB6C97C788E69D ] postgresql-9.3  C:\Program Files (x86)\PostgreSQL\9.3\bin\pg_ctl.exe
22:16:22.0372 0x19e4  postgresql-9.3 - ok
22:16:22.0412 0x19e4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power          C:\Windows\system32\umpo.dll
22:16:22.0432 0x19e4  Power - ok
22:16:22.0472 0x19e4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:16:22.0472 0x19e4  PptpMiniport - ok
22:16:22.0482 0x19e4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor      C:\Windows\system32\drivers\processr.sys
22:16:22.0492 0x19e4  Processor - ok
22:16:22.0512 0x19e4  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc        C:\Windows\system32\profsvc.dll
22:16:22.0522 0x19e4  ProfSvc - ok
22:16:22.0532 0x19e4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:16:22.0532 0x19e4  ProtectedStorage - ok
22:16:22.0542 0x19e4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:16:22.0542 0x19e4  Psched - ok
22:16:22.0612 0x19e4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:16:22.0642 0x19e4  ql2300 - ok
22:16:22.0652 0x19e4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:16:22.0662 0x19e4  ql40xx - ok
22:16:22.0682 0x19e4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE          C:\Windows\system32\qwave.dll
22:16:22.0692 0x19e4  QWAVE - ok
22:16:22.0712 0x19e4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:16:22.0712 0x19e4  QWAVEdrv - ok
22:16:22.0732 0x19e4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:16:22.0732 0x19e4  RasAcd - ok
22:16:22.0772 0x19e4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
22:16:22.0772 0x19e4  RasAgileVpn - ok
22:16:22.0792 0x19e4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto        C:\Windows\System32\rasauto.dll
22:16:22.0792 0x19e4  RasAuto - ok
22:16:22.0802 0x19e4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
22:16:22.0812 0x19e4  Rasl2tp - ok
22:16:22.0822 0x19e4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
22:16:22.0832 0x19e4  RasMan - ok
22:16:22.0852 0x19e4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:16:22.0852 0x19e4  RasPppoe - ok
22:16:22.0862 0x19e4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
22:16:22.0862 0x19e4  RasSstp - ok
22:16:22.0882 0x19e4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
22:16:22.0892 0x19e4  rdbss - ok
22:16:22.0912 0x19e4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
22:16:22.0912 0x19e4  rdpbus - ok
22:16:22.0932 0x19e4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:16:22.0932 0x19e4  RDPCDD - ok
22:16:22.0962 0x19e4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:16:22.0972 0x19e4  RDPENCDD - ok
22:16:22.0982 0x19e4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:16:22.0982 0x19e4  RDPREFMP - ok
22:16:23.0022 0x19e4  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
22:16:23.0032 0x19e4  RDPWD - ok
22:16:23.0062 0x19e4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:16:23.0062 0x19e4  rdyboost - ok
22:16:23.0092 0x19e4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:16:23.0102 0x19e4  RemoteAccess - ok
22:16:23.0122 0x19e4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:16:23.0122 0x19e4  RemoteRegistry - ok
22:16:23.0142 0x19e4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:16:23.0142 0x19e4  RpcEptMapper - ok
22:16:23.0162 0x19e4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
22:16:23.0162 0x19e4  RpcLocator - ok
22:16:23.0192 0x19e4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs          C:\Windows\system32\rpcss.dll
22:16:23.0202 0x19e4  RpcSs - ok
22:16:23.0242 0x19e4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:16:23.0242 0x19e4  rspndr - ok
22:16:23.0302 0x19e4  [ 9BEB5F18A418FF70659CE2E356829568, 8E327A99E68B5F9028778F5845719D00C590882B8609AF66D97DA880D537C937 ] RSUSBSTOR      C:\Windows\System32\Drivers\RtsUStor.sys
22:16:23.0322 0x19e4  RSUSBSTOR - ok
22:16:23.0332 0x19e4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] SamSs          C:\Windows\system32\lsass.exe
22:16:23.0332 0x19e4  SamSs - ok
22:16:23.0342 0x19e4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:16:23.0352 0x19e4  sbp2port - ok
22:16:23.0392 0x19e4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:16:23.0402 0x19e4  SCardSvr - ok
22:16:23.0422 0x19e4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:16:23.0432 0x19e4  scfilter - ok
22:16:23.0482 0x19e4  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
22:16:23.0502 0x19e4  Schedule - ok
22:16:23.0532 0x19e4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc    C:\Windows\System32\certprop.dll
22:16:23.0532 0x19e4  SCPolicySvc - ok
22:16:23.0542 0x19e4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:16:23.0552 0x19e4  SDRSVC - ok
22:16:23.0582 0x19e4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:16:23.0582 0x19e4  secdrv - ok
22:16:23.0592 0x19e4  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
22:16:23.0602 0x19e4  seclogon - ok
22:16:23.0622 0x19e4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
22:16:23.0622 0x19e4  SENS - ok
22:16:23.0652 0x19e4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:16:23.0652 0x19e4  SensrSvc - ok
22:16:23.0672 0x19e4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum        C:\Windows\system32\drivers\serenum.sys
22:16:23.0672 0x19e4  Serenum - ok
22:16:23.0702 0x19e4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
22:16:23.0702 0x19e4  Serial - ok
22:16:23.0722 0x19e4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
22:16:23.0722 0x19e4  sermouse - ok
22:16:23.0852 0x19e4  [ 78F7BB9F4924BE164294C59B8C3FC096, 75051A6A8B0DBB16CD70855A408134270EEAF0C127BAAE5B592DB53BB87C085B ] ServiceLayer    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
22:16:23.0872 0x19e4  ServiceLayer - ok
22:16:23.0892 0x19e4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
22:16:23.0892 0x19e4  SessionEnv - ok
22:16:23.0902 0x19e4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
22:16:23.0902 0x19e4  sffdisk - ok
22:16:23.0912 0x19e4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:16:23.0912 0x19e4  sffp_mmc - ok
22:16:23.0932 0x19e4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
22:16:23.0932 0x19e4  sffp_sd - ok
22:16:23.0942 0x19e4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
22:16:23.0942 0x19e4  sfloppy - ok
22:16:23.0982 0x19e4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:16:24.0002 0x19e4  SharedAccess - ok
22:16:24.0052 0x19e4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:16:24.0062 0x19e4  ShellHWDetection - ok
22:16:24.0092 0x19e4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
22:16:24.0092 0x19e4  SiSRaid2 - ok
22:16:24.0112 0x19e4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:16:24.0112 0x19e4  SiSRaid4 - ok
22:16:24.0222 0x19e4  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate    C:\Program Files (x86)\Skype\Updater\Updater.exe
22:16:24.0232 0x19e4  SkypeUpdate - ok
22:16:24.0262 0x19e4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
22:16:24.0262 0x19e4  Smb - ok
22:16:24.0312 0x19e4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:16:24.0312 0x19e4  SNMPTRAP - ok
22:16:24.0322 0x19e4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr          C:\Windows\system32\drivers\spldr.sys
22:16:24.0322 0x19e4  spldr - ok
22:16:24.0372 0x19e4  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler        C:\Windows\System32\spoolsv.exe
22:16:24.0402 0x19e4  Spooler - ok
22:16:24.0552 0x19e4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
22:16:24.0622 0x19e4  sppsvc - ok
22:16:24.0632 0x19e4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
22:16:24.0632 0x19e4  sppuinotify - ok
22:16:24.0702 0x19e4  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv            C:\Windows\system32\DRIVERS\srv.sys
22:16:24.0712 0x19e4  srv - ok
22:16:24.0742 0x19e4  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:16:24.0752 0x19e4  srv2 - ok
22:16:24.0772 0x19e4  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:16:24.0772 0x19e4  srvnet - ok
22:16:24.0812 0x19e4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
22:16:24.0812 0x19e4  SSDPSRV - ok
22:16:24.0832 0x19e4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc        C:\Windows\system32\sstpsvc.dll
22:16:24.0832 0x19e4  SstpSvc - ok
22:16:24.0852 0x19e4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
22:16:24.0852 0x19e4  stexstor - ok
22:16:24.0942 0x19e4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
22:16:24.0962 0x19e4  stisvc - ok
22:16:24.0982 0x19e4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
22:16:24.0982 0x19e4  swenum - ok
22:16:25.0002 0x19e4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv          C:\Windows\System32\swprv.dll
22:16:25.0012 0x19e4  swprv - ok
22:16:25.0102 0x19e4  [ EF51B22706DB03F0857FADE127C804EC, F3A97B8D94E96ACF93448CDF33DED97B076C3D8FFE42E9EAD088EE662306277B ] SynTP          C:\Windows\system32\DRIVERS\SynTP.sys
22:16:25.0122 0x19e4  SynTP - ok
22:16:25.0182 0x19e4  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain        C:\Windows\system32\sysmain.dll
22:16:25.0212 0x19e4  SysMain - ok
22:16:25.0242 0x19e4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:16:25.0252 0x19e4  TabletInputService - ok
22:16:25.0282 0x19e4  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901        C:\Windows\system32\DRIVERS\tap0901.sys
22:16:25.0282 0x19e4  tap0901 - ok
22:16:25.0302 0x19e4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv        C:\Windows\System32\tapisrv.dll
22:16:25.0312 0x19e4  TapiSrv - ok
22:16:25.0332 0x19e4  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS            C:\Windows\System32\tbssvc.dll
22:16:25.0332 0x19e4  TBS - ok
22:16:25.0492 0x19e4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
22:16:25.0532 0x19e4  Tcpip - ok
22:16:25.0582 0x19e4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:16:25.0612 0x19e4  TCPIP6 - ok
22:16:25.0632 0x19e4  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:16:25.0642 0x19e4  tcpipreg - ok
22:16:25.0672 0x19e4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:16:25.0672 0x19e4  TDPIPE - ok
22:16:25.0682 0x19e4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
22:16:25.0682 0x19e4  TDTCP - ok
22:16:25.0712 0x19e4  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
22:16:25.0722 0x19e4  tdx - ok
22:16:25.0982 0x19e4  [ 0F2A43DB0A4A70EF400295F413527293, D67D78CFB47E9EA1C1D9B37BFFFB44320A6ECC2D0C029768517C64F3A1882E19 ] TeamViewer8    C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
22:16:26.0072 0x19e4  TeamViewer8 - ok
22:16:26.0102 0x19e4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
22:16:26.0102 0x19e4  TermDD - ok
22:16:26.0202 0x19e4  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService    C:\Windows\System32\termsrv.dll
22:16:26.0212 0x19e4  TermService - ok
22:16:26.0242 0x19e4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
22:16:26.0242 0x19e4  Themes - ok
22:16:26.0282 0x19e4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER    C:\Windows\system32\mmcss.dll
22:16:26.0282 0x19e4  THREADORDER - ok
22:16:26.0312 0x19e4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
22:16:26.0312 0x19e4  TrkWks - ok
22:16:26.0362 0x19e4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:16:26.0382 0x19e4  TrustedInstaller - ok
22:16:26.0412 0x19e4  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:16:26.0412 0x19e4  tssecsrv - ok
22:16:26.0442 0x19e4  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:16:26.0442 0x19e4  TsUsbFlt - ok
22:16:26.0472 0x19e4  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD        C:\Windows\system32\drivers\TsUsbGD.sys
22:16:26.0472 0x19e4  TsUsbGD - ok
22:16:26.0512 0x19e4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:16:26.0512 0x19e4  tunnel - ok
22:16:26.0552 0x19e4  [ FD24F98D2898BE093FE926604BE7DB99, F9851C57A2ED838AC76BB19FE2F62BB81C57DBBE2A2555F738B5D6725D39AD61 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
22:16:26.0552 0x19e4  TurboB - ok
22:16:26.0592 0x19e4  [ 600B406A04D90F577FEA8A88D7379F08, 77CC8E8AFB6F571A42D916C0B2FEFFD3A7A32A455C78228B407C6C9B6DED8CAD ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
22:16:26.0612 0x19e4  TurboBoost - ok
22:16:26.0622 0x19e4  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:16:26.0632 0x19e4  uagp35 - ok
22:16:26.0642 0x19e4  [ A17D5E1A6DF4EAB0A480F2C490DE4C9D, 1EA835F172B6BF3D7F496E079DF1CDF00122B2110C08D61427582BC9405D2B7B ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
22:16:26.0642 0x19e4  UBHelper - ok
22:16:26.0672 0x19e4  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:16:26.0682 0x19e4  udfs - ok
22:16:26.0712 0x19e4  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect      C:\Windows\system32\UI0Detect.exe
22:16:26.0712 0x19e4  UI0Detect - ok
22:16:26.0732 0x19e4  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:16:26.0732 0x19e4  uliagpkx - ok
22:16:26.0762 0x19e4  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
22:16:26.0762 0x19e4  umbus - ok
22:16:26.0782 0x19e4  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
22:16:26.0782 0x19e4  UmPass - ok
22:16:26.0942 0x19e4  [ 374EBDA379A8F38E0CFC2211611E7167, 0D6C3002B28E27C052227488CEE69FA99399421FF777EB48031E6080A759F532 ] UNS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:16:26.0982 0x19e4  UNS - ok
22:16:27.0022 0x19e4  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
22:16:27.0032 0x19e4  upnphost - ok
22:16:27.0082 0x19e4  [ 311C90F0767A63000AC35DD0A7078A30, DB80E10015DCC595F90C31CE61590DB07E84F8B13DA904B2D59233678C366A2D ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
22:16:27.0082 0x19e4  upperdev - ok
22:16:27.0122 0x19e4  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
22:16:27.0132 0x19e4  usbccgp - ok
22:16:27.0162 0x19e4  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:16:27.0172 0x19e4  usbcir - ok
22:16:27.0212 0x19e4  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci        C:\Windows\system32\drivers\usbehci.sys
22:16:27.0212 0x19e4  usbehci - ok
22:16:27.0282 0x19e4  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:16:27.0302 0x19e4  usbhub - ok
22:16:27.0352 0x19e4  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci        C:\Windows\system32\drivers\usbohci.sys
22:16:27.0352 0x19e4  usbohci - ok
22:16:27.0402 0x19e4  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:16:27.0402 0x19e4  usbprint - ok
22:16:27.0442 0x19e4  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan        C:\Windows\system32\DRIVERS\usbscan.sys
22:16:27.0442 0x19e4  usbscan - ok
22:16:27.0502 0x19e4  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\DRIVERS\usbser.sys
22:16:27.0502 0x19e4  usbser - ok
22:16:27.0552 0x19e4  [ C03DA998E412D69D18DD11D835229AF0, DD43E370EF370767588A6D56A51A4ADF99B5E063C7AA0528F91FD431DE7C2932 ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
22:16:27.0552 0x19e4  UsbserFilt - ok
22:16:27.0572 0x19e4  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:16:27.0572 0x19e4  USBSTOR - ok
22:16:27.0612 0x19e4  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
22:16:27.0612 0x19e4  usbuhci - ok
22:16:27.0662 0x19e4  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
22:16:27.0662 0x19e4  usbvideo - ok
22:16:27.0702 0x19e4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms          C:\Windows\System32\uxsms.dll
22:16:27.0702 0x19e4  UxSms - ok
22:16:27.0722 0x19e4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] VaultSvc        C:\Windows\system32\lsass.exe
22:16:27.0732 0x19e4  VaultSvc - ok
22:16:27.0792 0x19e4  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:16:27.0792 0x19e4  vdrvroot - ok
22:16:27.0852 0x19e4  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds            C:\Windows\System32\vds.exe
22:16:27.0862 0x19e4  vds - ok
22:16:27.0882 0x19e4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
22:16:27.0882 0x19e4  vga - ok
22:16:27.0892 0x19e4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave        C:\Windows\System32\drivers\vga.sys
22:16:27.0892 0x19e4  VgaSave - ok
22:16:27.0912 0x19e4  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
22:16:27.0912 0x19e4  vhdmp - ok
22:16:27.0952 0x19e4  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:16:27.0952 0x19e4  viaide - ok
22:16:27.0992 0x19e4  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:16:28.0002 0x19e4  volmgr - ok
22:16:28.0032 0x19e4  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
22:16:28.0032 0x19e4  volmgrx - ok
22:16:28.0062 0x19e4  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap        C:\Windows\system32\drivers\volsnap.sys
22:16:28.0062 0x19e4  volsnap - ok
22:16:28.0102 0x19e4  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
22:16:28.0102 0x19e4  vsmraid - ok
22:16:28.0202 0x19e4  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS            C:\Windows\system32\vssvc.exe
22:16:28.0232 0x19e4  VSS - ok
22:16:28.0252 0x19e4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
22:16:28.0252 0x19e4  vwifibus - ok
22:16:28.0262 0x19e4  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
22:16:28.0262 0x19e4  vwififlt - ok
22:16:28.0292 0x19e4  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp        C:\Windows\system32\DRIVERS\vwifimp.sys
22:16:28.0292 0x19e4  vwifimp - ok
22:16:28.0302 0x19e4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time        C:\Windows\system32\w32time.dll
22:16:28.0312 0x19e4  W32Time - ok
22:16:28.0332 0x19e4  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
22:16:28.0332 0x19e4  WacomPen - ok
22:16:28.0362 0x19e4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:16:28.0362 0x19e4  WANARP - ok
22:16:28.0362 0x19e4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:16:28.0372 0x19e4  Wanarpv6 - ok
22:16:28.0472 0x19e4  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc    C:\Windows\system32\Wat\WatAdminSvc.exe
22:16:28.0492 0x19e4  WatAdminSvc - ok
22:16:28.0592 0x19e4  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
22:16:28.0622 0x19e4  wbengine - ok
22:16:28.0652 0x19e4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:16:28.0662 0x19e4  WbioSrvc - ok
22:16:28.0682 0x19e4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
22:16:28.0692 0x19e4  wcncsvc - ok
22:16:28.0702 0x19e4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:16:28.0712 0x19e4  WcsPlugInService - ok
22:16:28.0742 0x19e4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
22:16:28.0742 0x19e4  Wd - ok
22:16:28.0812 0x19e4  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:16:28.0832 0x19e4  Wdf01000 - ok
22:16:28.0902 0x19e4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:16:28.0912 0x19e4  WdiServiceHost - ok
22:16:28.0922 0x19e4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost  C:\Windows\system32\wdi.dll
22:16:28.0932 0x19e4  WdiSystemHost - ok
22:16:28.0962 0x19e4  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient      C:\Windows\System32\webclnt.dll
22:16:28.0972 0x19e4  WebClient - ok
22:16:28.0992 0x19e4  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:16:29.0002 0x19e4  Wecsvc - ok
22:16:29.0012 0x19e4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
22:16:29.0022 0x19e4  wercplsupport - ok
22:16:29.0052 0x19e4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:16:29.0052 0x19e4  WerSvc - ok
22:16:29.0092 0x19e4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:16:29.0092 0x19e4  WfpLwf - ok
22:16:29.0102 0x19e4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:16:29.0102 0x19e4  WIMMount - ok
22:16:29.0122 0x19e4  WinDefend - ok
22:16:29.0132 0x19e4  WinHttpAutoProxySvc - ok
22:16:29.0192 0x19e4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
22:16:29.0212 0x19e4  Winmgmt - ok
22:16:29.0332 0x19e4  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM          C:\Windows\system32\WsmSvc.dll
22:16:29.0372 0x19e4  WinRM - ok
22:16:29.0432 0x19e4  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
22:16:29.0432 0x19e4  WinUsb - ok
22:16:29.0502 0x19e4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc        C:\Windows\System32\wlansvc.dll
22:16:29.0512 0x19e4  Wlansvc - ok
22:16:29.0572 0x19e4  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
22:16:29.0572 0x19e4  wlcrasvc - ok
22:16:29.0732 0x19e4  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:16:29.0762 0x19e4  wlidsvc - ok
22:16:29.0812 0x19e4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi        C:\Windows\system32\DRIVERS\wmiacpi.sys
22:16:29.0812 0x19e4  WmiAcpi - ok
22:16:29.0842 0x19e4  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:16:29.0852 0x19e4  wmiApSrv - ok
22:16:29.0892 0x19e4  WMPNetworkSvc - ok
22:16:29.0952 0x19e4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:16:29.0962 0x19e4  WPCSvc - ok
22:16:29.0992 0x19e4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:16:30.0012 0x19e4  WPDBusEnum - ok
22:16:30.0122 0x19e4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
22:16:30.0132 0x19e4  ws2ifsl - ok
22:16:30.0202 0x19e4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
22:16:30.0202 0x19e4  wscsvc - ok
22:16:30.0252 0x19e4  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
22:16:30.0252 0x19e4  WSDPrintDevice - ok
22:16:30.0262 0x19e4  WSearch - ok
22:16:30.0402 0x19e4  [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:16:30.0452 0x19e4  wuauserv - ok
22:16:30.0492 0x19e4  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:16:30.0502 0x19e4  WudfPf - ok
22:16:30.0542 0x19e4  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:16:30.0552 0x19e4  WUDFRd - ok
22:16:30.0572 0x19e4  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
22:16:30.0572 0x19e4  wudfsvc - ok
22:16:30.0622 0x19e4  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc        C:\Windows\System32\wwansvc.dll
22:16:30.0642 0x19e4  WwanSvc - ok
22:16:30.0662 0x19e4  ================ Scan global ===============================
22:16:30.0682 0x19e4  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
22:16:30.0732 0x19e4  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
22:16:30.0742 0x19e4  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
22:16:30.0812 0x19e4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
22:16:30.0872 0x19e4  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
22:16:30.0882 0x19e4  [ Global ] - ok
22:16:30.0892 0x19e4  ================ Scan MBR ==================================
22:16:30.0922 0x19e4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:16:31.0112 0x19e4  \Device\Harddisk0\DR0 - ok
22:16:31.0112 0x19e4  ================ Scan VBR ==================================
22:16:31.0112 0x19e4  [ 4D86CF065DD4DFA0E9C15D15AF6DAF70 ] \Device\Harddisk0\DR0\Partition1
22:16:31.0162 0x19e4  \Device\Harddisk0\DR0\Partition1 - ok
22:16:31.0172 0x19e4  [ C8B545E284FD160650F9B0492735C455 ] \Device\Harddisk0\DR0\Partition2
22:16:31.0172 0x19e4  \Device\Harddisk0\DR0\Partition2 - ok
22:16:31.0172 0x19e4  ================ Scan generic autorun ======================
22:16:31.0172 0x19e4  IntelTBRunOnce - ok
22:16:31.0182 0x19e4  SynTPEnh - ok
22:16:31.0582 0x19e4  [ CD0C3EB4B9CB721B1BDF26DE75BFF0DB, 94F60137BB04E973BFCA97145DD442EC88CF29FEA2AFC9AAE24E6C2B6A959CC0 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
22:16:31.0772 0x19e4  RtHDVCpl - ok
22:16:31.0852 0x19e4  [ B7BC99F07C3EB3BD51498636D636D221, 576079FB286B2289BAC998CDC1627CA6758823FB4AE12CA8AEFFB7015F57BD03 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
22:16:31.0892 0x19e4  RtHDVBg - ok
22:16:32.0042 0x19e4  [ 38AEA10E23EF79A685BF922EC9437F3E, 7C72270F92EC3F68AC5E6BF66CFFB9C113D25126C34223651F8E751E425FE33D ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
22:16:32.0072 0x19e4  Power Management - ok
22:16:32.0292 0x19e4  [ 4EC5E852A5E67B33966614A9B2C56D95, B2878AC44303CAB9A532D83E4F030238EAA9E2D133BA2C3F100B5206E9FE1423 ] C:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe
22:16:32.0362 0x19e4  HP Color LaserJet CM1312 MFP Series Fax - ok
22:16:32.0492 0x19e4  [ 87A4BA086E5B5DF0F36E3F6D7234D701, EE26338497E016A95CB5970777B7B7AC8FAEF4E491713D729EDEFBCDC9FBF4A4 ] c:\Program Files\Microsoft Security Client\msseces.exe
22:16:32.0512 0x19e4  MSC - ok
22:16:32.0622 0x19e4  [ 5447AF432CDA61159ADDE218C468FFD9, 63BD74521F679F195C24C1818267ECCBD8A7F5C2B4CEF3E60EC46B5AE0AC72A8 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
22:16:32.0642 0x19e4  AdobeAAMUpdater-1.0 - ok
22:16:32.0722 0x19e4  [ 6FB60B441A8F326C03FD37C2B450E426, 4A841DD76A80602F178F2EB1C210FF3A2D9CFCF65247CFCC85AE84C6FE17D328 ] C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE
22:16:32.0732 0x19e4  CNAP2 Launcher - ok
22:16:32.0772 0x19e4  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
22:16:32.0772 0x19e4  Logitech Download Assistant - ok
22:16:32.0812 0x19e4  [ 41D1214B86A06FD29423A797EBDA17E4, ABC79107DDD5890C54B844CD5C69747121083DA69A77C02068D2B9C349FB1614 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
22:16:32.0822 0x19e4  IAStorIcon - ok
22:16:32.0852 0x19e4  [ 75AD45ED633B866D90AEAA296C21F7E8, 6211E788258298EAE520A0A0510E66BCA0E280F4958B454919C270D0F53931D9 ] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
22:16:32.0862 0x19e4  SuiteTray - ok
22:16:32.0912 0x19e4  [ E7EA57B35951D093A9647D8D5CE3340D, 7F88A5F07CF05E43BFA40A72C74DDDAB480C493E302A2532C2FA2A28D2F3D2D5 ] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
22:16:32.0912 0x19e4  EgisTecPMMUpdate - ok
22:16:32.0942 0x19e4  [ DC1AA3868108B8FF57F6C8045FCD4603, 6D32849D6296ABD24B56628161075299A2E0A5FF2071F3C1FD08DD4876C020F0 ] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
22:16:32.0952 0x19e4  EgisUpdate - ok
22:16:32.0992 0x19e4  [ 33E5A8FC8EB0EE42478F8538D0215D8F, 206ACA11B99234A1D31C5DD8506D207B591883AAA5CFBBADAC66A13A3F523881 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
22:16:32.0992 0x19e4  Adobe Reader Speed Launcher - ok
22:16:33.0042 0x19e4  [ EC124B84101FEC0A7D6745ED5DD91AD6, 0A164C514FA978B684FBBC640FBEE16C376CF3307B4333F98F184FDAED81E799 ] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
22:16:33.0052 0x19e4  BackupManagerTray - ok
22:16:33.0142 0x19e4  [ 7860DE9E6138E7F45ECFDE87656DDCA7, 70B9870452C12C0C72DBE6D35D27A7F7DFBC337D985FC9383C237A97E2CC206A ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
22:16:33.0162 0x19e4  StartCCC - ok
22:16:33.0252 0x19e4  [ 2ADC102A6D92BFB1F092A1A165E24181, 08D8292916B5B1A24FC663924240675E540CEF7C14DF43ACFA021E9921FCC2A9 ] C:\Program Files (x86)\Launch Manager\LManager.exe
22:16:33.0282 0x19e4  LManager - ok
22:16:33.0302 0x19e4  [ 51C8885B6A00904C0252704C9FB0F43A, BF2F58E6697DB10F3D6FB3859FADC2CE1D3CDD318E487E02FDC2BE171AF6CA29 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
22:16:33.0302 0x19e4  NUSB3MON - ok
22:16:33.0372 0x19e4  [ 14017E1CE1583C2C26F69C5BC3D4DBD0, 1D17EC0FF6DF5AF44C82EA6C6806CC940121BC93439D87C5442D7EEEFFA39E3A ] C:\Dolby PCEE4\pcee4.exe
22:16:33.0392 0x19e4  Dolby Advanced Audio v2 - ok
22:16:33.0482 0x19e4  [ F710D61C5F1067B5189667D58392DABC, 82373EB87E19BEA6F4F3D77D60A6405CED2DB76B501A20333F50207678B7CC57 ] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
22:16:33.0492 0x19e4  ArcadeMovieService - ok
22:16:33.0602 0x19e4  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
22:16:33.0602 0x19e4  BCSSync - ok
22:16:33.0672 0x19e4  [ E43A851F7B12DE589424D6C656155CFC, FD42172921C18D1BBDFC0C5CFFFD6D0534764D770E210CA3E1DF61A66A99BE62 ] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
22:16:33.0692 0x19e4  AdobeCS4ServiceManager - ok
22:16:33.0752 0x19e4  [ AEB3E8A6308604C3490A36D06D6685DC, CAFAE7697261CDA6934E324FC45D893BB452F23A1196FECC6930B72FFA8A2738 ] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe
22:16:33.0762 0x19e4  Adobe Acrobat Speed Launcher - ok
22:16:33.0882 0x19e4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:16:33.0912 0x19e4  Sidebar - ok
22:16:33.0932 0x19e4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:16:33.0932 0x19e4  mctadmin - ok
22:16:33.0932 0x19e4  IsMyWinLockerReboot - ok
22:16:33.0962 0x19e4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:16:33.0982 0x19e4  Sidebar - ok
22:16:33.0992 0x19e4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:16:33.0992 0x19e4  mctadmin - ok
22:16:33.0992 0x19e4  IsMyWinLockerReboot - ok
22:16:34.0102 0x19e4  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
22:16:34.0132 0x19e4  Sidebar - ok
22:16:34.0432 0x19e4  [ C81F59B7D524FB462F73B27757084618, 6C7DF7257ED0D9C69A53B98F15EAF1B42D302659791EE80F48D06BCA11EA09D8 ] C:\Program Files\CCleaner\CCleaner64.exe
22:16:34.0572 0x19e4  CCleaner Monitoring - ok
22:16:34.0572 0x19e4  Waiting for KSN requests completion. In queue: 127
22:16:35.0842 0x19e4  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.7.205.0 ), 0x61000 ( enabled : updated )
22:16:35.0892 0x19e4  Win FW state via NFP2: enabled
22:16:36.0282 0x19e4  ============================================================
22:16:36.0282 0x19e4  Scan finished
22:16:36.0282 0x19e4  ============================================================
22:16:36.0302 0x12fc  Detected object count: 0
22:16:36.0302 0x12fc  Actual detected object count: 0
22:16:48.0542 0x12b4  Deinitialize success
Da hat er was gefunden....

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 07.05.2015
Suchlauf-Zeit: 23:32:27
Logdatei: mbamlog.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.05.07.04
Rootkit Datenbank: v2015.04.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: User

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 378369
Verstrichene Zeit: 14 Min, 44 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 1
PUP.Optional.FlowSurf.A, HKU\S-1-5-18\SOFTWARE\FLOWSURF, In Quarantäne, [f1dfd9b70a80c37325478fbe9075df21],

Registrierungswerte: 2
PUP.Optional.FreeMakeConverter.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|fmconverter@gmail.com, C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\, In Quarantäne, [7a56216f6e1c1a1c808819cfa06357a9]
PUP.Optional.FlowSurf.A, HKU\S-1-5-18\SOFTWARE\FLOWSURF|chrid, oglkiljdmflopemijdadoiepkhcaodjn, In Quarantäne, [f1dfd9b70a80c37325478fbe9075df21]

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 4
PUP.Optional.Winsock.HijackBoot, C:\Windows\System32\abengineOff.ini, In Quarantäne, [933d028e4c3ee94de75036aadc27758b],
PUP.Optional.Winsock.HijackBoot, C:\Windows\SysWOW64\abengineOff.ini, In Quarantäne, [ffd10d83800a989ec374b03083808d73],
PUP.Optional.Flowsurf.A, C:\Windows\SysWOW64\abengine.ini, In Quarantäne, [e4ec9af6c9c1f83e0c2c726e16ed37c9],
PUP.Optional.Flowsurf.A, C:\Windows\System32\Tasks\upfs7214, In Quarantäne, [765a17798802f93d3dfd34ac3ec5b44c],

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
AdwCleaner

Code:
# AdwCleaner v4.203 - Bericht erstellt 07/05/2015 um 23:59:46
# Aktualisiert 30/04/2015 von Xplode
# Datenbank : 2015-05-05.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : User - GUDRUN-PC
# Gestarted von : D:\Daten\Gudrun\Internet\adwcleaner_4.203.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****

Task Gelöscht : upfs7214

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\abengine.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4AEC2270-2E5F-40C8-BE5A-E5A5264714C0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{62163814-0C94-4DC3-BA99-5E9E2420C914}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{68AEA825-D48B-4A56-87F0-6FCE988A2C48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AF435BC-80A9-466E-938B-32E4482EBD65}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{85CEBABD-A775-41E2-8B67-FE06104F06ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AE92A5AB-E575-4487-BCC0-96D333E5346C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CDB85458-AE08-4106-B699-B946FF4A61CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1BCB34DC-BA6D-4B44-B786-4E259598A7C8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4AEC2270-2E5F-40C8-BE5A-E5A5264714C0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{62163814-0C94-4DC3-BA99-5E9E2420C914}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{68AEA825-D48B-4A56-87F0-6FCE988A2C48}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7AF435BC-80A9-466E-938B-32E4482EBD65}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{85CEBABD-A775-41E2-8B67-FE06104F06ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AE92A5AB-E575-4487-BCC0-96D333E5346C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{CDB85458-AE08-4106-B699-B946FF4A61CD}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - 87.230.26.172:3128

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17728


-\\ Mozilla Firefox v37.0.2 (x86 de)


*************************

AdwCleaner[R0].txt - [4375 Bytes] - [05/12/2014 00:32:00]
AdwCleaner[R1].txt - [3092 Bytes] - [07/05/2015 23:54:02]
AdwCleaner[R2].txt - [3151 Bytes] - [07/05/2015 23:55:34]
AdwCleaner[S0].txt - [4147 Bytes] - [05/12/2014 00:36:09]
AdwCleaner[S1].txt - [2783 Bytes] - [07/05/2015 23:59:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2842  Bytes] ##########

schrauber 08.05.2015 16:50
ZIP einfach normal löschen.


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

guddy68 17.05.2015 21:04
Halli, hallo,

nun ist mein schöner Urlaub zu Ende und ich kann mich wieder um den Rechner kümmern. Würde mich freuen, wenn ihr mir weier helfen könnt. Der ist wohl noch immer befallen.

Hier nun mein log Eset


Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=d6b749384945344ab83ef53502924eb2
# engine=23888
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-17 07:46:07
# local_time=2015-05-17 09:46:07 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 8202027 73201683 0 0
# scanned=319760
# found=4
# cleaned=0
# scan_time=11848
sh=144B6520531E945BAE204C11CEF3455A4A8DDD74 ft=1 fh=0ffd04955ee9fc59 vn="Win32/Adware.Flinject.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Flowsurf\upfs7214.exe.vir"
sh=02DB8C0132596F0E2B2CBED4A81D6DCDFE050D50 ft=1 fh=40c9877dbec53ba0 vn="Win32/AdWare.Linkular.AH Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\User\AppData\Local\DownloadGuide\Offers\Lollipop.exe.vir"
sh=F8935573391555518C560A87DA9D48A7AFB964A9 ft=1 fh=d5f378fbab67b337 vn="Variante von Win32/Adware.Synatix.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\User\AppData\Local\DownloadGuide\Offers\vis-freeware.exe.vir"
sh=BC1A8CCF19F523BDDF6D01AF4A18A7DBA2DA9B50 ft=1 fh=a5d33fc981aa8025 vn="Variante von Win32/Adware.iBryte.H Anwendung" ac=I fn="D:\Daten\Gudrun\Internet\setup1.exe"
Code:
Results of screen317's Security Check version 1.001 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Microsoft Security Essentials 
  (On Access scanning disabled!)
 Error obtaining update status for antivirus! 
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 45 
 Adobe Flash Player 17.0.0.169 
 Adobe Reader 9 Adobe Reader out of Date!
 Mozilla Firefox (37.0.2)
 Mozilla Thunderbird (31.6.0)
````````Process Check: objlist.exe by Laurent```````` 
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02
Ran by User (administrator) on GUDRUN-PC on 17-05-2015 22:02:31
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available profiles: User)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\pg_ctl.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.3\bin\postgres.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dolby Laboratories Inc.) C:\DOLBY PCEE4\pcee4.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpn.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mirko Böer) C:\Program Files (x86)\SSK\sskfree.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-03-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-09] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1796200 2011-02-22] (Acer Incorporated)
HKLM\...\Run: [HP Color LaserJet CM1312 MFP Series Fax] => C:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe [3700736 2009-09-22] (Hewlett-Packard Company)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [CNAP2 Launcher] => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-15] (CANON INC.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-13] (Intel Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336 2010-09-28] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-03-09] (NTI Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-02-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-02-18] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe_ID0ENQBO] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPUsageTracking] => C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [24576 2009-05-11] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-1977744977-3695908920-4128797142-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-1977744977-3695908920-4128797142-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_Plugin.exe [927920 2015-04-15] (Adobe Systems Incorporated)
HKU\S-1-5-21-1977744977-3695908920-4128797142-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-10-05]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1977744977-3695908920-4128797142-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1977744977-3695908920-4128797142-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1977744977-3695908920-4128797142-1000 -> {5C5A0EA6-1B5F-40AB-8B13-CEF11C6F9BA9} URL = https://de.search.yahoo.com/search?fr=mcafee&type=A010DE662&p={SearchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-25] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-25] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.27 192.168.1.17

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\te2rx261.default
FF Homepage: hxxp://www.rp-online.de/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-11-12] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-11-12] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1977744977-3695908920-4128797142-1000: @citrixonline.com/appdetectorplugin -> C:\Users\User\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-04-11] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npatgpc.dll [2015-04-17] (Cisco WebEx LLC)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2014-03-22]
FF Extension: WOT - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\te2rx261.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: Personas Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\te2rx261.default\Extensions\personas@christopher.beard.xpi [2013-10-02]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-10-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2014-11-17] (Hewlett-Packard) [File not signed]
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344 2011-03-09] (NTI Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2013-08-22] (The OpenVPN Project)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2014-11-17] (Hewlett-Packard) [File not signed]
R2 postgresql-9.3; C:\Program Files (x86)\PostgreSQL\9.3\bin\pg_ctl.exe [80384 2014-02-18] (PostgreSQL Global Development Group) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 HPEWSFXBULK; C:\Windows\System32\drivers\hpfx64bulk.sys [20504 2007-07-16] (Hewlett Packard)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-17 22:01 - 2015-05-17 22:01 - 00000000 ____D () C:\Users\User\Desktop\FRST-OlderVersion
2015-05-17 21:57 - 2015-05-17 21:57 - 00852630 _____ () C:\Users\User\Desktop\SecurityCheck.exe
2015-05-17 18:22 - 2015-05-17 18:22 - 02347384 _____ (ESET) C:\Users\User\Desktop\esetsmartinstaller_deu.exe
2015-05-08 00:01 - 2015-05-08 00:01 - 00000360 _____ () C:\Windows\PFRO.log
2015-05-07 23:30 - 2015-05-07 23:30 - 00001147 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-07 23:30 - 2015-05-07 23:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-07 23:30 - 2015-05-07 23:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-07 23:30 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-07 23:30 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-07 23:20 - 2015-05-07 23:20 - 00002206 _____ () C:\Users\Public\Desktop\Secure Eraser.lnk
2015-05-07 23:20 - 2015-05-07 23:20 - 00000000 ____D () C:\Users\User\AppData\Roaming\ASCOMP Software
2015-05-07 23:20 - 2015-05-07 23:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASCOMP Software
2015-05-07 23:20 - 2015-05-07 23:20 - 00000000 ____D () C:\Program Files (x86)\ASCOMP Software
2015-05-07 21:54 - 2015-05-07 21:54 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\User\Desktop\tdsskiller.exe
2015-05-07 21:52 - 2015-05-07 23:32 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-07 21:52 - 2015-05-07 23:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-07 21:52 - 2015-05-07 22:09 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-07 21:50 - 2015-05-07 22:09 - 00000000 ____D () C:\Users\User\Desktop\mbar
2015-05-07 21:50 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-07 21:49 - 2015-05-07 21:49 - 16502728 _____ (Malwarebytes Corp.) C:\Users\User\Desktop\mbar-1.09.1.1004.exe
2015-05-07 20:39 - 2015-05-07 20:39 - 00045499 _____ () C:\Users\User\Desktop\Addition.txt
2015-05-07 20:38 - 2015-05-17 22:02 - 00020565 _____ () C:\Users\User\Desktop\FRST.txt
2015-05-07 20:38 - 2015-05-17 22:02 - 00000000 ____D () C:\FRST
2015-05-07 20:01 - 2015-05-17 22:01 - 02107392 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2015-04-27 22:33 - 2015-05-17 17:02 - 00001232 _____ () C:\Windows\setupact.log
2015-04-27 22:33 - 2015-04-27 22:33 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-27 22:27 - 2015-04-27 22:28 - 00007146 _____ () C:\Users\User\Documents\cc_20150427_222745.reg
2015-04-27 22:26 - 2015-04-27 22:27 - 00206470 _____ () C:\Users\User\Documents\cc_20150427_222651.reg
2015-04-27 22:07 - 2015-04-27 22:07 - 00002790 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-04-27 22:07 - 2015-04-27 22:07 - 00000863 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-04-27 22:07 - 2015-04-27 22:07 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-22 17:36 - 2015-04-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-17 10:04 - 2015-04-17 10:56 - 00000000 ____D () C:\Users\User\AppData\Roaming\webex
2015-04-17 10:04 - 2015-04-17 10:04 - 00000000 ____D () C:\Users\User\AppData\Local\WebEx
2015-04-17 10:04 - 2015-04-17 10:04 - 00000000 ____D () C:\ProgramData\WebEx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-17 22:00 - 2013-10-01 19:02 - 00000384 _____ () C:\Windows\Tasks\Acer Registration - Reminder Recall task.job
2015-05-17 21:52 - 2013-10-02 14:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-17 20:51 - 2013-09-30 12:41 - 02055111 _____ () C:\Windows\WindowsUpdate.log
2015-05-17 17:28 - 2014-01-07 12:28 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-17 17:23 - 2014-01-07 12:28 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-17 17:23 - 2014-01-07 12:28 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-17 17:23 - 2014-01-07 12:28 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-17 17:09 - 2013-09-30 22:34 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2015-05-17 17:09 - 2013-09-30 22:34 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2015-05-17 17:09 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-17 17:09 - 2009-07-14 06:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-17 17:09 - 2009-07-14 06:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-17 17:03 - 2013-10-01 08:06 - 00000000 ____D () C:\ProgramData\clear.fi
2015-05-17 17:02 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-08 23:31 - 2013-10-19 20:53 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2015-05-07 23:59 - 2014-12-05 00:31 - 00000000 ____D () C:\AdwCleaner
2015-05-03 13:47 - 2013-10-08 14:55 - 00000000 ____D () C:\Users\User\AppData\Roaming\MyPhoneExplorer
2015-04-27 22:25 - 2013-11-23 13:10 - 00000000 ____D () C:\Users\User\AppData\Roaming\TeamViewer
2015-04-27 22:23 - 2013-12-31 00:56 - 00000000 ____D () C:\Windows\Minidump
2015-04-27 22:23 - 2007-07-12 03:49 - 00000000 ____D () C:\Windows\Panther
2015-04-25 01:24 - 2013-11-03 18:29 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-25 01:24 - 2013-11-03 18:28 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-25 01:22 - 2013-11-03 18:28 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-23 13:51 - 2013-10-02 08:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-18 13:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-18 13:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-17 10:04 - 2013-10-02 08:46 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla
2015-04-17 09:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

==================== Files in the root of some directories =======

2013-09-30 13:06 - 2013-09-30 13:08 - 0015219 _____ () C:\ProgramData\ArcadeDeluxe5.log
2011-04-20 10:03 - 2010-03-02 23:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2013-10-05 15:17 - 2013-10-05 16:08 - 0002070 _____ () C:\ProgramData\hpzinstall.log

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\Quarantine.exe
C:\Users\User\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-04 10:06

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 18.05.2015 18:54
Adobe updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
D:\Daten\Gudrun\Internet\setup1.exe
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





http://deeprybka.trojaner-board.de/b...cleanupneu.png
Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
http://deeprybka.trojaner-board.de/b.../combofix2.pngCombofix deinstallieren
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte http://filepony.de/icon/tiny/delfix.pngDelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:

http://deeprybka.trojaner-board.de/b...ast/schild.png
Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
 Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:
http://filepony.de/icon/emsisoft_anti_malware.png
Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
http://filepony.de/icon/noscript.png NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
http://filepony.de/icon/malwarebytes_anti_exploit.pngMalwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie http://filepony.de/images/microbanner.gif.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

guddy68 19.05.2015 09:11
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-05-2015 02
Ran by User at 2015-05-19 09:35:10 Run:2
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available profiles: User)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
D:\Daten\Gudrun\Internet\setup1.exe
Emptytemp:
*****************

"D:\Daten\Gudrun\Internet\setup1.exe" => File/Directory not found.
EmptyTemp: => Removed 10.9 MB temporary data.


The system needed a reboot.

==== End of Fixlog 09:35:11 ====

Ich habe weder Defogger noch Combofix verwendet.
mbar
tdsskiller
SecurityCheck.exe

und FRST

habe ich genutzt....

Gibt es da ach eine bestimmte Reihenfolge???

schrauber 19.05.2015 15:50
Nö, einfach Delfix :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 10:11 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131