Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Windows Update? Aero Design weg - bei mir auch

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 24.07.2015, 13:21   #1
bastiberlin
 
Windows Update? Aero Design weg - bei mir auch - Standard

Windows Update? Aero Design weg - bei mir auch



Hallo,

ich habe das gleiche Problem wie der Kollege (http://www.trojaner-board.de/168960-...esign-weg.html)

Habe nun, wie in seinem Problem beschrieben FRST installiert und den Scan laufen lassen:

Kann mir diesbezüglich jemand helfen?

Danke vorab.

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by Basti (administrator) on BASTI-PC on 24-07-2015 12:41:05
Running from C:\Users\Basti\Downloads
Loaded Profiles: Basti (Available Profiles: Basti)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Basti\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\CompatTel\wicainventory.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\Windows-KB890830-x64-V5.26.exe
(Microsoft Corporation) C:\c8e7715dc16f0ad006\mrtstub.exe
(Microsoft Corporation) C:\Windows\System32\MRT.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
(Farbar) C:\Users\Basti\Downloads\FRST64 (1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8098848 2009-09-04] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2009-10-30] (Acer Incorporated)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1297112 2014-12-09] (COMODO)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-06-11] (Cisco Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3967129415-799815695-785154672-1001\...\Run: [GoogleChromeAutoLaunch_63D8154278637FAC558C6DCA49B059DF] => C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe [813896 2015-07-14] (Google Inc.)
HKU\S-1-5-21-3967129415-799815695-785154672-1001\...\Run: [Spotify Web Helper] => C:\Users\Basti\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2008632 2015-07-13] (Spotify Ltd)
HKU\S-1-5-21-3967129415-799815695-785154672-1001\...\Run: [Google Update] => C:\Users\Basti\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-20] (Google Inc.)
HKU\S-1-5-18\...\Run: [Copy] => "C:\Users\Basti\AppData\Roaming\Copy\CopyAgent.exe"
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-02] (Microsoft Corporation)
Lsa: [Notification Packages] C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64
ShellIconOverlayIdentifiers: [1aCopyShExtError] -> {83BEA36E-7680-4598-A4DF-994426F6E78D} => C:\Users\Basti\AppData\Roaming\Copy\overlay\CopyShExt.dll No File
ShellIconOverlayIdentifiers: [2aCopyShExtSynced] -> {845B7388-6F85-4F32-9FD5-F02DC7882B89} => C:\Users\Basti\AppData\Roaming\Copy\overlay\CopyShExt.dll No File
ShellIconOverlayIdentifiers: [3aCopyShExtSyncing] -> {F6378A7A-F753-449B-AE1B-997A96132E61} => C:\Users\Basti\AppData\Roaming\Copy\overlay\CopyShExt.dll No File
ShellIconOverlayIdentifiers: [4aCopyShExtSyncingProg1] -> {3A511828-777D-46F8-82F4-5B530C1B3D9E} => C:\Users\Basti\AppData\Roaming\Copy\overlay\CopyShExt.dll No File
ShellIconOverlayIdentifiers: [5aCopyShExtSyncingProg2] -> {C8C88204-5B14-40EC-BA72-8AEBC762047E} => C:\Users\Basti\AppData\Roaming\Copy\overlay\CopyShExt.dll No File
ShellIconOverlayIdentifiers: [6aCopyShExtSyncingProg3] -> {ACFF45C3-3EEB-4351-86C2-6696BA264239} => C:\Users\Basti\AppData\Roaming\Copy\overlay\CopyShExt.dll No File
ShellIconOverlayIdentifiers: [7aCopyShExtSyncingProg4] -> {29AF997F-488B-46F0-AE78-7146F1B89CC3} => C:\Users\Basti\AppData\Roaming\Copy\overlay\CopyShExt.dll No File
ShellIconOverlayIdentifiers: [8aCopyShExtSyncingProg5] -> {03F9AD29-1C78-4B66-8890-B177B5430C53} => C:\Users\Basti\AppData\Roaming\Copy\overlay\CopyShExt.dll No File
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-10] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-09-10] (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3967129415-799815695-785154672-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5935&r=273604114815l04d4z115t48k2x285
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-30] (Oracle Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4B6CADAD-60B3-4557-AEAC-DCDA78E734BA}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\0kr1n4gz.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-19] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-19] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-12-27] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-09-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3967129415-799815695-785154672-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Basti\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3967129415-799815695-785154672-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Basti\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3967129415-799815695-785154672-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Basti\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Extension: No Name - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\0kr1n4gz.default\Extensions\groovesharkUnlocker@overlord1337.xpi [2013-05-29]
FF Extension: No Name - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\0kr1n4gz.default\Extensions\yt.fm@ashishdubey.info.xpi [2013-06-06]
FF Extension: No Name - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\0kr1n4gz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-09]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-12-01]

Chrome: 
=======
CHR HomePage: Default -> hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=ecfd496a-38c5-109b-1e68-93ccab8d7321&searchtype=hp&fr=linkury-tb&installDate={installDate}&type=hp1000
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t
CHR DefaultSuggestURL: Default -> hxxp://suggestqueries.google.com/complete/search?q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Users\Basti\AppData\Local\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Basti\AppData\Local\Google\Chrome\Application\39.0.2171.71\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Basti\AppData\Local\Google\Chrome\Application\39.0.2171.71\pdf.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Basti\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Google Update) - C:\Users\Basti\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Profile: C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Unfriend Notify for Facebook) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahigpjeolkfgjdaeodlmaceggigbpeoh [2014-01-12]
CHR Extension: (Google Docs) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-20]
CHR Extension: (Google Drive) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-20]
CHR Extension: (YouTube) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-21]
CHR Extension: (Google Search) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-21]
CHR Extension: (Grooveshark Germany unlocker) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejcnhmeicafddjdaeecddemnhnomiaai [2013-09-27]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-04-21]
CHR Extension: (Last.fm Scrobbler) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhinaapppaileiechjoiifaancjggfjm [2015-06-15]
CHR Extension: (WEB.DE MailCheck) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo [2014-08-12]
CHR Extension: (Soundcloud Scrobbler) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpeffoigdfgjdbbijlaaodoicejjbpcg [2013-10-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Skype Click to Call) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-09-20]
CHR Extension: (Grooveshark Unlock for Germany) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkdjagkphafkafpalkhpnlmeihajppkb [2013-11-07]
CHR Extension: (Google Wallet) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-21]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]
StartMenuInternet: Google Chrome.SRGNKSL2YBWGG66RISZCRL5KNE - C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Locked "BFE" service could not be unlocked. <===== ATTENTION

U3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-10] (Adobe Systems) [File not signed]
U2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [7618952 2014-12-09] (COMODO)
U3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265304 2014-12-09] (COMODO)
U2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [788000 2009-10-30] (Acer Incorporated)
U2 IGBASVC; C:\Program Files (x86)\Acer Bio Protection\BASVC.exe [3450368 2009-09-05] (Egis Technology Inc.) [File not signed]
U3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
U3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
U2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
U2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
U2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated) [File not signed]
U2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20184 2014-12-09] (COMODO)
U1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [792648 2014-12-09] (COMODO)
U1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45880 2014-12-09] (COMODO)
U1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [104608 2014-12-09] (COMODO)
U3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
U3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-06-11] (Cisco Systems, Inc.)
U5 BFE;  <===== ATTENTION Locked Service

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-24 12:41 - 2015-07-24 13:02 - 00022810 _____ C:\Users\Basti\Downloads\FRST.txt
2015-07-24 12:40 - 2015-07-24 12:41 - 00000000 ____D C:\FRST
2015-07-24 12:31 - 2015-07-24 12:32 - 02135552 _____ (Farbar) C:\Users\Basti\Downloads\FRST64.exe
2015-07-24 12:31 - 2015-07-24 12:32 - 02135552 _____ (Farbar) C:\Users\Basti\Downloads\FRST64 (1).exe
2015-07-24 12:21 - 2015-07-24 12:21 - 00000000 ____D C:\c8e7715dc16f0ad006
2015-07-21 15:01 - 2015-07-21 15:01 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 15:01 - 2015-07-21 15:01 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 15:01 - 2015-07-21 15:01 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 15:01 - 2015-07-21 15:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 15:01 - 2015-07-21 15:01 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 15:01 - 2015-07-21 15:01 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 15:01 - 2015-07-21 15:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 15:01 - 2015-07-21 15:01 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 15:01 - 2015-07-21 15:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 15:01 - 2015-07-21 15:01 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 01:38 - 2015-07-21 01:38 - 00017948 _____ C:\Users\Basti\Desktop\450 chellange.xlsx
2015-07-15 10:40 - 2015-07-15 10:40 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 10:40 - 2015-07-15 10:40 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 10:39 - 2015-07-15 10:39 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 10:39 - 2015-07-15 10:39 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 10:39 - 2015-07-15 10:39 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 10:39 - 2015-07-15 10:39 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 10:39 - 2015-07-15 10:39 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 10:39 - 2015-07-15 10:39 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 10:39 - 2015-07-15 10:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 10:39 - 2015-07-15 10:39 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 10:39 - 2015-07-15 10:39 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 10:39 - 2015-07-15 10:39 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 10:39 - 2015-07-15 10:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 10:39 - 2015-07-15 10:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 10:39 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 10:39 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 10:39 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 10:38 - 2015-07-15 10:38 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 10:38 - 2015-07-15 10:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 10:38 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 10:37 - 2015-07-15 10:37 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 10:37 - 2015-07-15 10:37 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 10:37 - 2015-07-15 10:37 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 10:37 - 2015-07-15 10:37 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 10:37 - 2015-07-15 10:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 10:37 - 2015-07-15 10:37 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 10:37 - 2015-07-15 10:37 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 10:37 - 2015-07-15 10:37 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 10:37 - 2015-07-15 10:37 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 10:37 - 2015-07-15 10:37 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 10:37 - 2015-07-15 10:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 10:37 - 2015-07-15 10:37 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 10:37 - 2015-07-15 10:37 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 10:37 - 2015-07-15 10:37 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-10 20:08 - 2015-07-10 20:08 - 00023235 _____ C:\Users\Basti\Downloads\Springerling-Blattplanung_124S.xlsx
2015-07-10 20:08 - 2015-07-10 20:08 - 00023235 _____ C:\Users\Basti\Downloads\Springerling-Blattplanung_124S (2).xlsx
2015-07-10 20:08 - 2015-07-10 20:08 - 00023235 _____ C:\Users\Basti\Downloads\Springerling-Blattplanung_124S (1).xlsx
2015-07-09 16:15 - 2015-07-09 16:15 - 07527963 _____ C:\Users\Basti\Downloads\wetransfer-77a5a6.zip
2015-07-04 13:47 - 2015-07-04 13:47 - 00146802 _____ C:\Users\Basti\Downloads\Motorjournalismus.xlsx
2015-07-03 17:07 - 2015-07-03 17:22 - 00091136 _____ C:\Users\Basti\Downloads\Zeitnachweis 2014_Praktikum.xls
2015-07-03 17:07 - 2015-07-03 17:07 - 00110080 _____ C:\Users\Basti\Downloads\02_Zeitnachweis 2014_Studenten (Mo-So) (2).xls
2015-07-03 14:26 - 2015-07-14 14:27 - 00003852 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1435926358
2015-07-03 14:26 - 2015-07-03 14:26 - 00001133 _____ C:\Users\Public\Desktop\Opera 30.lnk
2015-07-03 14:26 - 2015-07-03 14:26 - 00001133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 30.lnk
2015-07-03 14:26 - 2015-07-03 14:26 - 00000000 ____D C:\Users\Basti\AppData\Local\Opera Software
2015-07-03 14:25 - 2015-07-03 14:25 - 00000000 ____D C:\Users\Basti\AppData\Roaming\Opera Software
2015-06-30 21:29 - 2015-06-30 21:32 - 00000000 ____D C:\Users\Basti\Documents\Olivia
2015-06-30 21:29 - 2015-06-30 21:29 - 00001744 _____ C:\Users\Basti\Desktop\Olivia - Verknüpfung.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-24 13:04 - 2013-10-28 20:33 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2015-07-24 13:02 - 2014-04-28 18:48 - 00156294 _____ C:\Windows\system32\Drivers\fvstore.dat
2015-07-24 12:32 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-24 12:32 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-24 12:28 - 2011-09-19 20:58 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001UA.job
2015-07-24 12:28 - 2011-04-05 16:45 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-24 12:27 - 2013-10-17 15:16 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-24 12:26 - 2011-11-01 22:10 - 00001138 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001UA.job
2015-07-24 12:22 - 2013-10-17 14:13 - 00000000 ____D C:\Windows\system32\MRT
2015-07-24 12:21 - 2013-10-17 14:13 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-24 12:06 - 2013-10-15 16:17 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec9b145a0b813.job
2015-07-24 12:06 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-24 12:04 - 2009-07-14 06:51 - 00188606 _____ C:\Windows\setupact.log
2015-07-23 12:50 - 2010-11-17 16:56 - 00798686 _____ C:\Windows\system32\perfh007.dat
2015-07-23 12:50 - 2010-11-17 16:56 - 00203174 _____ C:\Windows\system32\perfc007.dat
2015-07-23 12:50 - 2009-07-14 07:13 - 01775472 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-23 10:28 - 2011-09-19 20:58 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001Core.job
2015-07-22 23:32 - 2013-01-13 03:21 - 00000000 ____D C:\Users\Basti\AppData\Roaming\Spotify
2015-07-22 18:27 - 2011-10-23 14:17 - 00000000 ____D C:\Users\Basti\Documents\OpenTTD
2015-07-22 10:35 - 2013-10-17 15:33 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-22 10:20 - 2013-01-13 03:21 - 00000000 ____D C:\Users\Basti\AppData\Local\Spotify
2015-07-22 10:12 - 2009-07-14 06:45 - 00479720 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-20 01:03 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-17 09:26 - 2011-11-01 22:10 - 00001116 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001Core.job
2015-07-16 19:27 - 2015-04-09 10:20 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-16 19:27 - 2015-04-09 10:20 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-16 19:27 - 2014-12-13 13:28 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 19:27 - 2014-05-06 11:08 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-16 19:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-16 10:47 - 2010-11-10 15:17 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-16 10:23 - 2014-01-07 11:19 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cec9b145a0b813
2015-07-16 10:23 - 2011-09-19 20:58 - 00004090 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001UA
2015-07-16 10:23 - 2011-09-19 20:58 - 00003694 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001Core
2015-07-16 10:23 - 2011-04-05 16:45 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-14 22:25 - 2011-09-19 21:00 - 00002360 _____ C:\Users\Basti\Desktop\Google Chrome.lnk
2015-07-14 14:27 - 2011-04-14 22:49 - 00000000 ____D C:\Program Files (x86)\Opera
2015-07-13 12:21 - 2012-06-16 10:37 - 00000000 ____D C:\Users\Basti\Documents\01 Uni
2015-07-13 11:57 - 2011-04-05 21:49 - 00000000 ____D C:\Users\Basti\AppData\Roaming\Skype
2015-07-13 11:28 - 2011-04-05 21:49 - 00000000 ____D C:\ProgramData\Skype
2015-07-01 13:10 - 2014-07-12 14:19 - 00000000 ____D C:\Users\Basti\AppData\Roaming\vlc

==================== Files in the root of some directories =======

2014-05-08 19:56 - 2014-05-08 20:06 - 6103040 _____ () C:\Program Files (x86)\GUT2A31.tmp
2010-11-10 15:09 - 2009-02-10 22:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2015-03-10 01:32 - 2015-03-10 01:32 - 0003584 _____ () C:\Users\Basti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-12-28 19:07 - 2011-12-28 19:07 - 0004096 ____H () C:\Users\Basti\AppData\Local\keyfile3.drm
2010-11-17 08:24 - 2010-11-17 08:26 - 0008417 _____ () C:\ProgramData\ArcadeDeluxe3.log
2011-04-05 21:56 - 2011-04-05 21:56 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-11-10 15:09 - 2009-07-18 04:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
2012-11-22 19:38 - 2012-11-22 20:43 - 0004122 _____ () C:\ProgramData\hpzinstall.log
2013-10-08 23:35 - 2013-10-09 01:25 - 0000000 _____ () C:\ProgramData\hwid7tt.ctrl
2013-10-08 23:35 - 2013-10-09 01:25 - 95025368 ____T () C:\ProgramData\hwid7tt.pff

Files to move or delete:
====================
C:\ProgramData\hwid7tt.ctrl
C:\ProgramData\hwid7tt.pff


Some files in TEMP:
====================
C:\Users\Basti\AppData\Local\Temp\ABP_InstallChecker.exe
C:\Users\Basti\AppData\Local\Temp\ABP_TB0001.exe
C:\Users\Basti\AppData\Local\Temp\AskSLib.dll
C:\Users\Basti\AppData\Local\Temp\DivXWebPlayerInstaller.exe
C:\Users\Basti\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbjwz6v.dll
C:\Users\Basti\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Basti\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Basti\AppData\Local\Temp\iTunesPluginWinSetup_3.0.4.0.exe
C:\Users\Basti\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Basti\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Basti\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Basti\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Basti\AppData\Local\Temp\Last.fm-2.1.32.exe
C:\Users\Basti\AppData\Local\Temp\Offer100.exe
C:\Users\Basti\AppData\Local\Temp\ose00002.exe
C:\Users\Basti\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Basti\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Basti\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Basti\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Basti\AppData\Local\Temp\wmpfirefoxplugin.exe
C:\Users\Basti\AppData\Local\Temp\WmpPluginSetup_2.1.0.6.exe
C:\Users\Basti\AppData\Local\Temp\{28C2AE83-0CDF-4C54-A3EB-49F648C98865}-31.0.1650.57_30.0.1599.101_chrome_updater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-06 15:06

==================== End of log ============================
         

Alt 24.07.2015, 13:22   #2
bastiberlin
 
Windows Update? Aero Design weg - bei mir auch - Standard

Windows Update? Aero Design weg - bei mir auch



[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by Basti at 2015-07-24 13:06:59
Running from C:\Users\Basti\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3967129415-799815695-785154672-500 - Administrator - Disabled)
Basti (S-1-5-21-3967129415-799815695-785154672-1001 - Administrator - Enabled) => C:\Users\Basti
Gast (S-1-5-21-3967129415-799815695-785154672-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.7029 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.7029 - CyberLink Corp.) Hidden
Acer Arcade Instant On (x32 Version: 3.0.20.1 - Acer) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.1.29 - NewTech Infosystems)
Acer Bio Protection (HKLM-x32\...\InstallShield_{E09664BB-BB08-45FA-87D1-33EAB0E017F5}) (Version: 6.2.56 - Egis Technology Inc.)
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.5.3 - Suyin Optronics Corp)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.06.3007 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.9.0715 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3000 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Premiere Pro 2.0 (HKLM-x32\...\Adobe Premiere Pro 2.0) (Version: 2.000.000 - Adobe Systems, Inc.)
Adobe Reader X (10.1.8) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Airline Tycoon Evolution (HKLM-x32\...\{16E43D5F-5296-4D53-B303-9D951AFE510F}) (Version:  - )
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Backup Manager Advance (x32 Version: 2.0.1.29 - NewTech Infosystems) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BRAINYOO (HKLM-x32\...\BRAINYOO) (Version:  - BRAINYOO Ltd.)
Bridge Building Game (HKLM-x32\...\Bridge Building Game) (Version:  - )
Broadcom Gigabit Integrated Controller (HKLM\...\{49F3D04B-B849-4C89-AB31-2366A004EA28}) (Version: 12.24.01 - Broadcom Corporation)
CDex extraction audio (HKLM-x32\...\CDex) (Version:  - )
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05170 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05170 - Cisco Systems, Inc.) Hidden
COMODO Internet Security (HKLM\...\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}) (Version: 4.1.19277.920 - COMODO Group Inc.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
Dolphin Futures XPS Viewer version 1.1.0 (HKLM-x32\...\{75480068-162F-4D6B-B38E-76606A4E5320}_is1) (Version: 1.1.0 - Dolphin Futures Limited)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
Dropbox (HKU\S-1-5-21-3967129415-799815695-785154672-1001\...\Dropbox) (Version: 2.6.2 - Dropbox, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.13992 - Landesfinanzdirektion Thüringen)
ElsterFormular-Upgrade (HKLM-x32\...\ElsterFormular für Privatanwender 12.2.0.6412p) (Version: 15.1.13904 - )
ENE CIR Receiver Driver (HKLM\...\5F4DD0919B4763856B77AD385DEEEFCDF01784A8) (Version: 2.7.3.519 - ENE)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fingerprint Solution (x32 Version: 6.1.20.0 - Ihr Firmenname) Hidden
Fingerprint Solution (x32 Version: 6.1.56.0 - Egis Technology Inc.) Hidden
Free Alarm Clock 2.7.0 (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 2.7 - Comfort Software Group)
Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.9.35.324 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version:  - DVDVideoSoft Limited.)
Google Chrome (HKU\S-1-5-21-3967129415-799815695-785154672-1001\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
GTA2 (HKLM-x32\...\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}) (Version: 1.00.001 - )
ICQ7.5 (HKLM-x32\...\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}) (Version: 7.5 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
IndustrieGigant 2 (HKLM-x32\...\{8D914DD2-F3CE-44E4-9498-E7EED093281C}_is1) (Version:  - UIG GmbH)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{A535111D-95C8-487F-869E-CE4C239972D2}) (Version: 11.1.1.11 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Last.fm Scrobbler 2.1.32 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.04 - Acer Inc.)
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.285.6 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 34.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0 (x86 de)) (Version: 34.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.4 - NVIDIA Corporation)
OpenTTD 1.1.3 (HKLM-x32\...\OpenTTD) (Version: 1.1.3 - OpenTTD)
Opera 12.02 (HKLM-x32\...\Opera 12.02.1578) (Version: 12.02.1578 - Opera Software ASA)
Opera Stable 30.0.1835.125 (HKLM-x32\...\Opera 30.0.1835.125) (Version: 30.0.1835.125 - Opera Software)
pdfsam (HKLM-x32\...\pdfsam) (Version: 2.2.1 - )
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5932 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3967129415-799815695-785154672-1001\...\Spotify) (Version: 1.0.9.133.gcedaee38 - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Transport Tycoon Deluxe (HKLM-x32\...\ft_Transport Tycoon Deluxe) (Version:  - )
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR 4.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Yahoo Community Smartbar (HKLM-x32\...\{D7403121-68C2-48BC-874D-048015E60DF0}) (Version: 10.179.66.13636 - Linkury Inc.) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Basti\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Basti\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Basti\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Basti\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Basti\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Basti\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Basti\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Basti\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3967129415-799815695-785154672-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Basti\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

Could not list restore points
Check "winmgmt" service or repair WMI.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06BA3993-0599-46CF-B412-A2AAB23579AC} - System32\Tasks\GoogleUpdateTaskMachineCore1cec9b145a0b813 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {141C692F-5858-49F2-8EF9-07B83EB44719} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001Core => C:\Users\Basti\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {1ABDFDD4-8287-4EC9-8F22-A2E88B503934} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {395061C2-063F-483B-8ED4-34DF807A07EB} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)
Task: {3A55A695-EB1B-48C7-BCAB-E44CF60EFB74} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {3F595DBB-BB30-4D50-8857-8A3B74A32887} - System32\Tasks\{34A4B7D0-2878-416A-A9F4-3B414A058DD1} => pcalua.exe -a C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\0kr1n4gz.default\extensions\DivXWebPlayer@divx.com\DivXWebPlayerInstaller.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {437099FC-DEEC-4A0E-9DE1-EAA7B4E3E75B} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)
Task: {54FA914D-43C6-431D-A53C-B0A201466DAA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001UA => C:\Users\Basti\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {634CD0F9-F039-4C33-BB30-1A75780FC3A9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {74FB408D-E1B5-4120-8A96-F12BE502DD44} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-12-09] (COMODO)
Task: {99543C22-4508-46A8-9AB8-E15657BB4CF5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001Core => C:\Users\Basti\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-18] (Facebook Inc.)
Task: {A9B7999A-D778-4A6F-B6CF-4DD590B76C3A} - System32\Tasks\Opera scheduled Autoupdate 1435926358 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-14] (Opera Software)
Task: {AF981828-2B0D-445D-B8E9-526E2A14D1A8} - System32\Tasks\{3E8E0646-8ABB-457B-82D9-134166BF1321} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2015-06-02] (Skype Technologies S.A.)
Task: {C36770EC-BA3A-43E0-836D-D387D9FF6F39} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001UA => C:\Users\Basti\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-18] (Facebook Inc.)
Task: {CFD92F53-81E8-4E19-95AF-84F867599387} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-19] (Adobe Systems Incorporated)
Task: {D59F6A47-E97B-4284-B595-94BE68D730E6} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)
Task: {E4F0B2A2-7652-42F8-A890-F19769269DB6} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001Core.job => C:\Users\Basti\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001UA.job => C:\Users\Basti\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec9b145a0b813.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001Core.job => C:\Users\Basti\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3967129415-799815695-785154672-1001UA.job => C:\Users\Basti\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2008-05-26 12:24 - 2008-05-26 12:24 - 00103424 _____ () C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64.DLL
2013-11-04 20:57 - 2013-04-15 19:39 - 00073424 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2014-06-11 05:34 - 2014-06-11 05:34 - 00063400 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-02-03 03:33 - 2009-02-03 03:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 03:55 - 2008-09-29 03:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2015-07-14 22:25 - 2015-07-13 23:55 - 01281864 _____ () C:\Users\Basti\AppData\Local\Google\Chrome\Application\43.0.2357.134\libglesv2.dll
2015-07-14 22:25 - 2015-07-13 23:55 - 00080712 _____ () C:\Users\Basti\AppData\Local\Google\Chrome\Application\43.0.2357.134\libegl.dll
2015-07-14 22:25 - 2015-07-13 23:55 - 16308040 _____ () C:\Users\Basti\AppData\Local\Google\Chrome\Application\43.0.2357.134\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepdu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clfs.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID
AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jnwmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\aaclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\apphelp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atmfd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atmlib.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\certcli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dciman32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\fontsub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\java.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\javaw.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\javaws.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\lpk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msctf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ncsi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nlaapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ole32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sdbinst.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\shimeng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\cng.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\http.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID
AlternateDataStreams: C:\Users\Basti\Downloads\02_Zeitnachweis 2014_Studenten (Mo-So) (2).xls:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\1435076404913.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\1436191598742.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\1436191647384.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\1437566068702.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\15250905317_68897d677c_z.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\176255__urbaneguerilla__wolfbane-poem.wav:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\20141217131535176.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\20141217131551919.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\20141217131609691.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\270class06.zip:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\AdwCleaner09.exe:$CmdTcID
AlternateDataStreams: C:\Users\Basti\Downloads\AdwCleaner09.exe:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\audacity-win-2.0.6.exe:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Bewerbung_SebastianOehmigen_P7.docx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Compareandcontrast_SebastianOehmigen_edited.docx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\documents-export-2015-01-15.zip:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\empiri-arbeit.odt:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\FCF7.tmp:$CmdTcID
AlternateDataStreams: C:\Users\Basti\Downloads\Final Project.docx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\FreeStudio_CB-DL-Manager.exe:$CmdTcID
AlternateDataStreams: C:\Users\Basti\Downloads\FreeStudio_CB-DL-Manager.exe:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\FRST64 (1).exe:$CmdTcID
AlternateDataStreams: C:\Users\Basti\Downloads\FRST64 (1).exe:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\FRST64.exe:$CmdTcID
AlternateDataStreams: C:\Users\Basti\Downloads\FRST64.exe:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\FXEQ.zip:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Group Project.docx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\ha-dmanagement.odt:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\image (15).jpeg:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\IMG_1448.JPG:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\IMG_1646.JPG:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\IMG_1647.JPG:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\IMG_1659.JPG:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Imma (1).PDF:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Imma.PDF:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\jxpiinstall.exe:$CmdTcID
AlternateDataStreams: C:\Users\Basti\Downloads\jxpiinstall.exe:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Karteninhaber_Reklamation089284.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Klangrainer - Die Taube hinkt.zip:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Klausurfragen-Kolb-1.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Klausurfragen-und-AW-Kolb-1.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\L3 - Theory of Public Relations.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Lame_v3.99.3_for_Windows.exe:$CmdTcID
AlternateDataStreams: C:\Users\Basti\Downloads\Lame_v3.99.3_for_Windows.exe:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\MARK-365-Public-Relations-outline-2014.docx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Media-Blackout_korrigiert.docx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Motorjournalismus.xlsx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\oliviameyer_mediengestalterbewerbung2014.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Peer Evaluation Form.docx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Policy #9464959 - Int'l Student Basic Policy.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Policy #9464959 - Wallet Card.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Pruefungsleistungen_be03543ad9-e92a-486a-967a-6718a6ffdce7.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Pruefungsleistungen_be3d427fc7-449b-4b3c-87d5-c91fe1200c99.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Rahmenbedingungen_Allgemeines.docx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\sebastianoehmigenArbeitszeugnisBILD.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\sebastianoehmigen_lebenslauf (1).pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\SNBC_CaseStudy_SebastianOehmigen_editiert.docx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Sound-Effects-Pack_semikorrigiert.docx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\SpotifySetup (2).exe:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Springerling-Blattplanung_124S (1).xlsx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Springerling-Blattplanung_124S (2).xlsx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Springerling-Blattplanung_124S.xlsx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\SPRINGERLING_2015_BUCH-korrektur.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Virtual-Boy-Promotional-TV-Commercial.avi:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\VIU PR Plan (4).pptx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\VR_PPT.pptx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Werkstudent B2B-Agents.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\wetransfer-77a5a6.zip:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Wired Presentation.pptx:$CmdZnID
AlternateDataStreams: C:\Users\Basti\Downloads\Zeitnachweis 2014_Praktikum.xls:$CmdZnID

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3967129415-799815695-785154672-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: )
mpsdrv Firewall Service is not running.
MpsSvc Firewall Service is not running.
bfe Firewall Service is not running.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk => C:\Windows\pss\Acer VCM.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Basti^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Basti^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Basti^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ArcadeDeluxeAgent => "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\Basti\AppData\Local\Smartbar\Application\Smartbar.exe startup
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EgisTecLiveUpdate => "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
MSCONFIG\startupreg: Facebook Update => "C:\Users\Basti\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: FreeAC => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe -autorun
MSCONFIG\startupreg: Global Registration => "C:\Program Files (x86)\Acer\Registration\GREG.exe" BOOT
MSCONFIG\startupreg: Google Update => "C:\Users\Basti\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ7.5\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe
MSCONFIG\startupreg: mcagent_exe => C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe /runkey
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
MSCONFIG\startupreg: PlayMovie => "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
MSCONFIG\startupreg: PLFSetI => C:\Windows\PLFSetI.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Basti\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Basti\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: VitaKeyPdtWzd => "C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EC98E393-63AE-44CB-B756-BCC9707A7AC3}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MNA\McNaSvc.exe
FirewallRules: [{591D9F6C-753C-452A-8F2F-401EC8BB96F1}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{1AC2EC5C-7D33-4C46-8B07-B4F1FD76788B}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{E7D3B33F-3267-47EA-BAD3-DD2550CB6FB7}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{1E0DC670-5CE4-490A-9C71-6E62B3D2ABF8}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{6DDC6DF0-7968-4B3C-89B4-A34CCA075212}] => (Allow) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
FirewallRules: [{BD2698D3-29D8-4F61-ABA9-DA641056E032}] => (Allow) C:\Program Files (x86)\Acer\Acer VCM\VC.exe
FirewallRules: [{24405112-D314-4BA8-A4B7-3BF95B296717}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{984DA66F-DA00-421F-B3CB-373A1BB5775C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{14D42A10-301A-40EC-9DB9-97F88801A683}] => (Allow) svchost.exe
FirewallRules: [{8777C6B9-DFB9-442E-A490-FB8CAAC6E6E5}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{2E627FF4-76DF-439A-9B98-9F1C1FE5ABB4}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe
FirewallRules: [{C69B57AF-5EE4-4520-A232-4CA01FE5CEB1}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe
FirewallRules: [{4D311FE1-FF59-4C4B-B296-EC9F9A39B1E2}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
FirewallRules: [{7C98623F-EF72-44AB-853D-A3BF26D0FB48}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe
FirewallRules: [{003260B9-B836-4E53-B368-392D23CC7EB1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{17C6EC9F-5663-43B4-9FE3-A19B15F7DA0A}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{3D909085-D49E-4F1D-B300-103471E8665E}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{69166368-1AEB-4A03-9D60-155170870BA0}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe
FirewallRules: [{6D972633-F4EE-454E-AE94-28C6A44FC00E}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe
FirewallRules: [{20663C9E-B25F-4984-AFA2-DAEA00D308F9}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe
FirewallRules: [{F6ECD439-72CF-48BA-8983-E11C6703508A}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe
FirewallRules: [{F1FF7C95-5198-459E-9A39-0F85B37BCEC5}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{A04087A4-3FF0-4EB5-8273-BBB7913A516A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{563449C5-DEFF-42D1-8E3E-0B9BA045AFA1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5C57C8CE-04C4-406B-BDFF-22593406AAA5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{20DFC553-EDE2-4D7D-9A3B-13EC0F36F506}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7EA2E383-8A53-4BCE-854D-568BE4490E16}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{66C587D0-650B-4AD3-B68B-4D04914CF036}] => (Allow) %USERPROFILE%\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{DB2DE400-68DF-40CD-B117-15A9DE5C1A72}] => (Allow) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{FC1D87C6-4571-4268-AF4C-7717DDBE4AB1}] => (Allow) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{CF3F6D2B-4596-47B7-BA39-39258821775A}] => (Allow) C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
FirewallRules: [{B2BEE773-D474-4034-962D-7D897CB542D1}] => (Allow) C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
FirewallRules: [{15515B73-0B84-415A-A7D5-41B9D527B65B}] => (Allow) C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
FirewallRules: [{B9F00F3D-48DA-4155-A7DE-706BD00507E5}] => (Allow) C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
FirewallRules: [{C1125C0F-138A-4D25-BD67-0113B971CEE4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{295AF7BB-DEF3-434C-8D54-924C29B8C06D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8F5CA664-6EA9-4BDF-996C-D6E1EF8EA113}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B967DB39-FC27-4613-9B4E-9CDA6876A8C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DC79014F-7EE4-4AD3-B033-6A1A5B4C597C}] => (Allow) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{F102AE90-3B92-4149-877F-1E94356DAE33}] => (Allow) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{DDCC8766-7791-4D54-93D1-614380BC88E8}] => (Allow) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{B86C820F-A0F3-4219-8CD6-44205F6F351F}] => (Allow) C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{8F40B2BE-82F6-45DB-8F0C-9C92768278AB}C:\users\basti\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\basti\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{DF060C30-77BB-4C29-868C-C7560AAF3CF9}C:\users\basti\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\basti\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0F0C3F19-26FF-4F84-A979-BBA99C153D29}] => (Allow) C:\Users\Basti\AppData\Roaming\Copy\CopyAgent.exe
FirewallRules: [TCP Query User{065F06AA-F43C-4097-AED3-ADAC4216CB1E}C:\users\basti\appdata\roaming\copy\copyagent.exe] => (Allow) C:\users\basti\appdata\roaming\copy\copyagent.exe
FirewallRules: [UDP Query User{55112F08-A8B3-450D-859B-C2101BC02857}C:\users\basti\appdata\roaming\copy\copyagent.exe] => (Allow) C:\users\basti\appdata\roaming\copy\copyagent.exe
FirewallRules: [{FAADA382-3CCE-482C-BAED-4DD9B7955067}] => (Allow) C:\Users\Basti\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [TCP Query User{9A1EB208-4AF9-48D7-B708-0FC6B5D3BA54}C:\users\basti\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\basti\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{E3B22A3E-2034-4AFB-BAFF-135552BBA1B0}C:\users\basti\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\basti\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{FC74C984-655E-4FE7-A1AE-1938135D91B6}C:\users\basti\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\basti\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{EDEABB04-16B6-4431-A38C-0AE666ACA5E1}C:\users\basti\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\basti\appdata\roaming\spotify\spotify.exe

==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

Systemfehler 123 aufgetreten.

Die Syntax f�r den Dateinamen, Verzeichnisnamen oder die Datentr�gerbezeichnung ist falsch.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU P7450 @ 2.13GHz
Percentage of memory in use: 68%
Total physical RAM: 4025.91 MB
Available physical RAM: 1281.77 MB
Total Virtual: 8050.02 MB
Available Virtual: 5003.93 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:280.49 GB) (Free:93.87 GB) NTFS
Drive d: (CD1) (CDROM) (Total:0.61 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 2A660D9E)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Not Active) - (Size=3.5 GB) - (Type=12)
Partition 3: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=280.5 GB) - (Type=OF Extended)

==================== End of log ============================
         
--- --- ---
__________________


Alt 24.07.2015, 13:24   #3
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Update? Aero Design weg - bei mir auch - Standard

Windows Update? Aero Design weg - bei mir auch



hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
__________________

Alt 24.07.2015, 18:50   #4
bastiberlin
 
Windows Update? Aero Design weg - bei mir auch - Standard

Windows Update? Aero Design weg - bei mir auch



Mbar hat nichts gefunden...

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.07.24.05
  rootkit: v2015.07.22.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17914
Basti :: BASTI-PC [administrator]

24.07.2015 13:29:28
mbar-log-2015-07-24 (13-29-28).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 368973
Time elapsed: 2 hour(s), 34 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
ATTFilter
16:11:05.0677 0x15b8  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
16:11:45.0490 0x15b8  ============================================================
16:11:45.0490 0x15b8  Current date / time: 2015/07/24 16:11:45.0490
16:11:45.0490 0x15b8  SystemInfo:
16:11:45.0490 0x15b8  
16:11:45.0490 0x15b8  OS Version: 6.1.7601 ServicePack: 1.0
16:11:45.0490 0x15b8  Product type: Workstation
16:11:45.0490 0x15b8  ComputerName: BASTI-PC
16:11:45.0490 0x15b8  UserName: Basti
16:11:45.0490 0x15b8  Windows directory: C:\Windows
16:11:45.0490 0x15b8  System windows directory: C:\Windows
16:11:45.0490 0x15b8  Running under WOW64
16:11:45.0490 0x15b8  Processor architecture: Intel x64
16:11:45.0490 0x15b8  Number of processors: 2
16:11:45.0490 0x15b8  Page size: 0x1000
16:11:45.0490 0x15b8  Boot type: Normal boot
16:11:45.0490 0x15b8  ============================================================
16:11:45.0842 0x15b8  KLMD registered as C:\Windows\system32\drivers\04147019.sys
16:11:46.0825 0x15b8  System UUID: {2D50518B-1DD1-4E5D-562B-F545E8BD4496}
16:11:48.0493 0x15b8  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:11:48.0509 0x15b8  ============================================================
16:11:48.0509 0x15b8  \Device\Harddisk0\DR0:
16:11:48.0509 0x15b8  MBR partitions:
16:11:48.0509 0x15b8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2300800, BlocksNum 0x32000
16:11:48.0540 0x15b8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2333000, BlocksNum 0x230FB000
16:11:48.0540 0x15b8  ============================================================
16:11:48.0587 0x15b8  C: <-> \Device\Harddisk0\DR0\Partition2
16:11:48.0648 0x15b8  ============================================================
16:11:48.0648 0x15b8  Initialize success
16:11:48.0648 0x15b8  ============================================================
16:12:24.0250 0x147c  ============================================================
16:12:24.0250 0x147c  Scan started
16:12:24.0250 0x147c  Mode: Manual; SigCheck; TDLFS; 
16:12:24.0250 0x147c  ============================================================
16:12:24.0250 0x147c  KSN ping started
16:12:26.0824 0x147c  KSN ping finished: true
16:12:27.0526 0x147c  ================ Scan system memory ========================
16:12:27.0526 0x147c  System memory - ok
16:12:27.0526 0x147c  ================ Scan services =============================
16:12:28.0056 0x147c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:12:28.0533 0x147c  1394ohci - ok
16:12:28.0689 0x147c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:12:28.0720 0x147c  ACPI - ok
16:12:28.0783 0x147c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:12:28.0939 0x147c  AcpiPmi - ok
16:12:29.0017 0x147c  [ D0B11E40EA74A98A5E133DF1F5276240, BAD5885CD8CC271D59DFA95159EFC3AC36D2BA11B6DA593AAED0C45F1C2F280F ] acsock          C:\Windows\system32\DRIVERS\acsock64.sys
16:12:29.0126 0x147c  acsock - ok
16:12:29.0266 0x147c  [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
16:12:29.0298 0x147c  Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
16:12:31.0702 0x147c  Detect skipped due to KSN trusted
16:12:31.0702 0x147c  Adobe LM Service - ok
16:12:31.0874 0x147c  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:12:31.0889 0x147c  AdobeARMservice - ok
16:12:32.0186 0x147c  [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:12:32.0232 0x147c  AdobeFlashPlayerUpdateSvc - ok
16:12:32.0357 0x147c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
16:12:32.0420 0x147c  adp94xx - ok
16:12:32.0482 0x147c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
16:12:32.0529 0x147c  adpahci - ok
16:12:32.0591 0x147c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
16:12:32.0622 0x147c  adpu320 - ok
16:12:32.0685 0x147c  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:12:32.0810 0x147c  AeLookupSvc - ok
16:12:32.0981 0x147c  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
16:12:33.0122 0x147c  AFD - ok
16:12:33.0200 0x147c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
16:12:33.0246 0x147c  agp440 - ok
16:12:33.0293 0x147c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:12:33.0449 0x147c  ALG - ok
16:12:33.0496 0x147c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:12:33.0527 0x147c  aliide - ok
16:12:33.0574 0x147c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:12:33.0621 0x147c  amdide - ok
16:12:33.0668 0x147c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
16:12:33.0761 0x147c  AmdK8 - ok
16:12:33.0792 0x147c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
16:12:33.0855 0x147c  AmdPPM - ok
16:12:33.0917 0x147c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:12:33.0980 0x147c  amdsata - ok
16:12:34.0011 0x147c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
16:12:34.0058 0x147c  amdsbs - ok
16:12:34.0089 0x147c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:12:34.0136 0x147c  amdxata - ok
16:12:34.0214 0x147c  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
16:12:34.0339 0x147c  AppID - ok
16:12:34.0386 0x147c  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:12:34.0449 0x147c  AppIDSvc - ok
16:12:34.0527 0x147c  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
16:12:34.0605 0x147c  Appinfo - ok
16:12:34.0714 0x147c  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:12:34.0729 0x147c  Apple Mobile Device - ok
16:12:34.0776 0x147c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
16:12:34.0823 0x147c  arc - ok
16:12:34.0839 0x147c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
16:12:34.0870 0x147c  arcsas - ok
16:12:35.0087 0x147c  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:12:35.0134 0x147c  aspnet_state - ok
16:12:35.0180 0x147c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:12:35.0368 0x147c  AsyncMac - ok
16:12:35.0430 0x147c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:12:35.0477 0x147c  atapi - ok
16:12:35.0695 0x147c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:12:35.0804 0x147c  AudioEndpointBuilder - ok
16:12:35.0882 0x147c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:12:35.0914 0x147c  AudioSrv - ok
16:12:35.0976 0x147c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:12:36.0142 0x147c  AxInstSV - ok
16:12:36.0211 0x147c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
16:12:36.0323 0x147c  b06bdrv - ok
16:12:36.0385 0x147c  [ 93AF5CCCE5145AA3C2F0A41E7F65149A, CAFC796517F256A51965EE9D615E0E8B5C79CE1E77C48667C3E4C929074D4F01 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:12:36.0416 0x147c  b57nd60a - ok
16:12:36.0479 0x147c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:12:36.0619 0x147c  BDESVC - ok
16:12:36.0650 0x147c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:12:36.0731 0x147c  Beep - ok
16:12:36.0881 0x147c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
16:12:37.0027 0x147c  BFE - ok
16:12:37.0090 0x147c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
16:12:37.0320 0x147c  BITS - ok
16:12:37.0351 0x147c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:12:37.0418 0x147c  blbdrive - ok
16:12:37.0601 0x147c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:12:37.0632 0x147c  Bonjour Service - ok
16:12:37.0669 0x147c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:12:37.0794 0x147c  bowser - ok
16:12:37.0841 0x147c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:12:37.0984 0x147c  BrFiltLo - ok
16:12:37.0997 0x147c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:12:38.0029 0x147c  BrFiltUp - ok
16:12:38.0091 0x147c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
16:12:38.0200 0x147c  Browser - ok
16:12:38.0249 0x147c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:12:38.0327 0x147c  Brserid - ok
16:12:38.0343 0x147c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:12:38.0390 0x147c  BrSerWdm - ok
16:12:38.0405 0x147c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:12:38.0452 0x147c  BrUsbMdm - ok
16:12:38.0468 0x147c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:12:38.0498 0x147c  BrUsbSer - ok
16:12:38.0523 0x147c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
16:12:38.0568 0x147c  BTHMODEM - ok
16:12:38.0620 0x147c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
16:12:38.0687 0x147c  bthserv - ok
16:12:38.0750 0x147c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:12:38.0859 0x147c  cdfs - ok
16:12:38.0937 0x147c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
16:12:38.0987 0x147c  cdrom - ok
16:12:39.0043 0x147c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:12:39.0137 0x147c  CertPropSvc - ok
16:12:39.0168 0x147c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
16:12:39.0259 0x147c  circlass - ok
16:12:39.0355 0x147c  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
16:12:39.0409 0x147c  CLFS - ok
16:12:39.0549 0x147c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:12:39.0748 0x147c  clr_optimization_v2.0.50727_32 - ok
16:12:39.0873 0x147c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:12:39.0936 0x147c  clr_optimization_v2.0.50727_64 - ok
16:12:40.0060 0x147c  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:12:40.0092 0x147c  clr_optimization_v4.0.30319_32 - ok
16:12:40.0138 0x147c  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:12:40.0216 0x147c  clr_optimization_v4.0.30319_64 - ok
16:12:40.0263 0x147c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
16:12:40.0326 0x147c  CmBatt - ok
16:12:41.0247 0x147c  [ 0F28CFF8610425DF96FBB29794707959, 3FA8D13C29C79FA34A65D9E4502F09817F79DF57AF172FFDE48C147934FBBBCF ] cmdAgent        C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
16:12:41.0497 0x147c  cmdAgent - ok
16:12:41.0575 0x147c  [ A337FA59FFA4786E4603CC8A440BBB49, 5298238B8894AB2112DCA5872A4C7EF9F8AAEE226D7C2957C840DC38A730D68D ] cmderd          C:\Windows\system32\DRIVERS\cmderd.sys
16:12:41.0590 0x147c  cmderd - ok
16:12:41.0715 0x147c  [ C49B3C7F469C6F1AEAE90653D340B9FA, BBA2107D4817702E2E7F9185D2065EAE35562A4C8CA5A8A7EDF340F4EC700891 ] cmdGuard        C:\Windows\system32\DRIVERS\cmdguard.sys
16:12:41.0746 0x147c  cmdGuard - ok
16:12:41.0777 0x147c  [ 85FD7C0057DEA753A93FDC783119541B, 3AFBD15EFF46DAA2FE315073CA3B885DF0BDA2D5BD8D234609C9BBFD841D119A ] cmdHlp          C:\Windows\system32\DRIVERS\cmdhlp.sys
16:12:41.0809 0x147c  cmdHlp - ok
16:12:41.0855 0x147c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:12:41.0918 0x147c  cmdide - ok
16:12:42.0293 0x147c  [ AB6513248071D4EA9736D504AAFD78FE, 02ECD1D8C2637004E3FD1C999CFEA3D6C07269C4F1D5C593DE58DE987554E40A ] cmdvirth        C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
16:12:42.0402 0x147c  cmdvirth - ok
16:12:42.0558 0x147c  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
16:12:42.0683 0x147c  CNG - ok
16:12:42.0746 0x147c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
16:12:42.0761 0x147c  Compbatt - ok
16:12:42.0824 0x147c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
16:12:42.0933 0x147c  CompositeBus - ok
16:12:42.0948 0x147c  COMSysApp - ok
16:12:42.0964 0x147c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
16:12:42.0980 0x147c  crcdisk - ok
16:12:43.0058 0x147c  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:12:43.0152 0x147c  CryptSvc - ok
16:12:43.0230 0x147c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:12:43.0308 0x147c  DcomLaunch - ok
16:12:43.0355 0x147c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:12:43.0449 0x147c  defragsvc - ok
16:12:43.0527 0x147c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:12:43.0636 0x147c  DfsC - ok
16:12:43.0714 0x147c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:12:43.0823 0x147c  Dhcp - ok
16:12:44.0026 0x147c  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\Windows\system32\diagtrack.dll
16:12:44.0167 0x147c  DiagTrack - ok
16:12:44.0230 0x147c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
16:12:44.0323 0x147c  discache - ok
16:12:44.0402 0x147c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
16:12:44.0480 0x147c  Disk - ok
16:12:44.0652 0x147c  [ D5BCB77BE83CF99F508943945D46343D, 00C5624CE970A05075A19168643BF6E8FA60C764333ECEC088D7FFCA10547833 ] DKbFltr         C:\Windows\SysWOW64\Drivers\DKbFltr.sys
16:12:44.0683 0x147c  DKbFltr - ok
16:12:44.0714 0x147c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:12:44.0823 0x147c  Dnscache - ok
16:12:44.0886 0x147c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:12:45.0011 0x147c  dot3svc - ok
16:12:45.0089 0x147c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
16:12:45.0182 0x147c  DPS - ok
16:12:45.0229 0x147c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:12:45.0369 0x147c  drmkaud - ok
16:12:45.0447 0x147c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:12:45.0525 0x147c  DXGKrnl - ok
16:12:45.0603 0x147c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
16:12:45.0666 0x147c  EapHost - ok
16:12:46.0149 0x147c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
16:12:46.0383 0x147c  ebdrv - ok
16:12:46.0446 0x147c  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS             C:\Windows\System32\lsass.exe
16:12:46.0555 0x147c  EFS - ok
16:12:46.0695 0x147c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:12:46.0851 0x147c  ehRecvr - ok
16:12:46.0883 0x147c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
16:12:46.0976 0x147c  ehSched - ok
16:12:47.0085 0x147c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
16:12:47.0163 0x147c  elxstor - ok
16:12:47.0210 0x147c  [ A9EC08727C64D985678F5B64C03823F0, 00F4856BF61068716EE9FDD9020B90AE4489F4DA6C5822F5AA0326CD7610F6A6 ] enecir          C:\Windows\system32\DRIVERS\enecir.sys
16:12:47.0320 0x147c  enecir - ok
16:12:47.0352 0x147c  [ E17EB95358F396E27D573A1B20F891F8, 23D12C2AC2CF7D3441632F1BAF43E9C7554DD9A85F2B08253710DE3C7555B540 ] enecirhid       C:\Windows\system32\DRIVERS\enecirhid.sys
16:12:47.0414 0x147c  enecirhid - ok
16:12:47.0445 0x147c  [ 8492D808C79BD6FE439F77BE84956CDF, 8B2D14C5A7FFA72144E1113B4DDAD7F1258F707442EDE0E4EF3CBB72886EFE8E ] enecirhidma     C:\Windows\system32\DRIVERS\enecirhidma.sys
16:12:47.0492 0x147c  enecirhidma - ok
16:12:47.0757 0x147c  [ FEB08A605613DBAC49A12F8711882201, F94F1859B01CC043B0B102DD319D956E54AADA6FABD7A722F43A124073A62040 ] ePowerSvc       C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
16:12:47.0788 0x147c  ePowerSvc - ok
16:12:47.0860 0x147c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:12:47.0950 0x147c  ErrDev - ok
16:12:48.0031 0x147c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
16:12:48.0095 0x147c  EventSystem - ok
16:12:48.0158 0x147c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:12:48.0279 0x147c  exfat - ok
16:12:48.0327 0x147c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:12:48.0421 0x147c  fastfat - ok
16:12:48.0605 0x147c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
16:12:48.0741 0x147c  Fax - ok
16:12:48.0763 0x147c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
16:12:48.0844 0x147c  fdc - ok
16:12:48.0879 0x147c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
16:12:48.0957 0x147c  fdPHost - ok
16:12:48.0988 0x147c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:12:49.0074 0x147c  FDResPub - ok
16:12:49.0096 0x147c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:12:49.0143 0x147c  FileInfo - ok
16:12:49.0159 0x147c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:12:49.0284 0x147c  Filetrace - ok
16:12:49.0315 0x147c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
16:12:49.0385 0x147c  flpydisk - ok
16:12:49.0506 0x147c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:12:49.0537 0x147c  FltMgr - ok
16:12:49.0651 0x147c  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
16:12:49.0820 0x147c  FontCache - ok
16:12:49.0946 0x147c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:12:50.0153 0x147c  FontCache3.0.0.0 - ok
16:12:50.0214 0x147c  [ 305380D5D33BFDEAAF14D73E969239FC, 5863AF0FAF51F3FCDEB1FB2CE4A67FF4A574F06C1E02B627638DC0C810E24DA6 ] FPSensor        C:\Windows\system32\Drivers\FPSensor.sys
16:12:50.0252 0x147c  FPSensor - ok
16:12:50.0286 0x147c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:12:50.0338 0x147c  FsDepends - ok
16:12:50.0390 0x147c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:12:50.0427 0x147c  Fs_Rec - ok
16:12:50.0469 0x147c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:12:50.0516 0x147c  fvevol - ok
16:12:50.0568 0x147c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
16:12:50.0630 0x147c  gagp30kx - ok
16:12:50.0711 0x147c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:12:50.0737 0x147c  GEARAspiWDM - ok
16:12:50.0881 0x147c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:12:50.0980 0x147c  gpsvc - ok
16:12:51.0125 0x147c  [ 816FD5A6F3C2F3D600900096632FC60E, D92401C4B56663F8A12B6390562608A125713408B00266C53844129679E48E9C ] Greg_Service    C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
16:12:51.0170 0x147c  Greg_Service - ok
16:12:51.0310 0x147c  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:12:51.0341 0x147c  gupdate - ok
16:12:51.0372 0x147c  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:12:51.0388 0x147c  gupdatem - ok
16:12:51.0421 0x147c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:12:51.0563 0x147c  hcw85cir - ok
16:12:51.0709 0x147c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:12:51.0826 0x147c  HdAudAddService - ok
16:12:51.0860 0x147c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
16:12:51.0928 0x147c  HDAudBus - ok
16:12:51.0991 0x147c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
16:12:52.0053 0x147c  HidBatt - ok
16:12:52.0115 0x147c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
16:12:52.0196 0x147c  HidBth - ok
16:12:52.0230 0x147c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
16:12:52.0308 0x147c  HidIr - ok
16:12:52.0339 0x147c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
16:12:52.0401 0x147c  hidserv - ok
16:12:52.0474 0x147c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:12:52.0583 0x147c  HidUsb - ok
16:12:52.0645 0x147c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:12:52.0695 0x147c  hkmsvc - ok
16:12:52.0773 0x147c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:12:52.0882 0x147c  HomeGroupListener - ok
16:12:52.0946 0x147c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:12:52.0992 0x147c  HomeGroupProvider - ok
16:12:53.0039 0x147c  [ DBD2BB97A574FC565B1EB5C0A03F917A, 3946F8F95C3A7371E168BC82F068E7F830A07FD545A16F47336902E174E0370A ] HPFXBULK        C:\Windows\system32\drivers\hpfx64bulk.sys
16:12:53.0086 0x147c  HPFXBULK - ok
16:12:53.0133 0x147c  [ 219C2A07FD07023D3905C332BF6F9BA8, D1648BB751909470D307A915F07B4F54282B94E159378CC7118D6F32478020E9 ] HPFXFAX         C:\Windows\system32\drivers\hpfx64fax.sys
16:12:53.0164 0x147c  HPFXFAX - ok
16:12:53.0215 0x147c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:12:53.0277 0x147c  HpSAMD - ok
16:12:53.0717 0x147c  [ D4F91CF4DE215D6F14A06087D46725E4, 656E78AB0CD5B3DA396F937CF05863F80C9E430EDED6F68A88F39604A052921B ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
16:12:53.0779 0x147c  HPSLPSVC - ok
16:12:53.0935 0x147c  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:12:54.0060 0x147c  HTTP - ok
16:12:54.0122 0x147c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:12:54.0185 0x147c  hwpolicy - ok
16:12:54.0248 0x147c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
16:12:54.0295 0x147c  i8042prt - ok
16:12:54.0437 0x147c  [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
16:12:54.0469 0x147c  IAANTMON - ok
16:12:54.0631 0x147c  [ 1D004CB1DA6323B1F55CAEF7F94B61D9, 8FFFB429BA46938724BBB87AB9B3EC77EA17C4B893BABDBDD38309F02963D405 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
16:12:54.0662 0x147c  iaStor - ok
16:12:54.0766 0x147c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:12:54.0860 0x147c  iaStorV - ok
16:12:54.0938 0x147c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:12:55.0000 0x147c  idsvc - ok
16:12:55.0047 0x147c  IEEtwCollectorService - ok
16:12:55.0275 0x147c  [ 607013AF90E9107664F7204613DB5631, 6761E3385D6ED681533DC5FE57923C2876128F098B0364D958891CED12AC6E90 ] IGBASVC         C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
16:12:55.0471 0x147c  IGBASVC - detected UnsignedFile.Multi.Generic ( 1 )
16:12:57.0844 0x147c  Detect skipped due to KSN trusted
16:12:57.0844 0x147c  IGBASVC - ok
16:12:58.0216 0x147c  [ 0FD8F9B3875813F7F6467C74C5BE270A, BB938BDBF9A34920A2D46DF7E21980E2FCD81613D68A2835FBDE3C9076AFB262 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
16:12:58.0547 0x147c  igfx - ok
16:12:58.0594 0x147c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
16:12:58.0641 0x147c  iirsp - ok
16:12:58.0791 0x147c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
16:12:58.0838 0x147c  IKEEXT - ok
16:12:58.0869 0x147c  [ 6BC36E24396DB59AF5BF6F872F298435, BF6FCA894219840FDFF4655D2E1551B89CD39F731A339FD0C052E0F7733CF9D3 ] inspect         C:\Windows\system32\DRIVERS\inspect.sys
16:12:58.0900 0x147c  inspect - ok
16:12:59.0049 0x147c  [ 430AAB6C09AF99D5BEB311795349E9DD, 5B4502BB9202B2DC59731BC4777755D770C380840B266C351940905DDB3E42BA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:12:59.0182 0x147c  IntcAzAudAddService - ok
16:12:59.0229 0x147c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:12:59.0260 0x147c  intelide - ok
16:12:59.0276 0x147c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:12:59.0338 0x147c  intelppm - ok
16:12:59.0371 0x147c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:12:59.0449 0x147c  IPBusEnum - ok
16:12:59.0545 0x147c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:12:59.0676 0x147c  IpFilterDriver - ok
16:12:59.0825 0x147c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:12:59.0986 0x147c  iphlpsvc - ok
16:13:00.0017 0x147c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:13:00.0111 0x147c  IPMIDRV - ok
16:13:00.0158 0x147c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:13:00.0252 0x147c  IPNAT - ok
16:13:00.0377 0x147c  [ 6660920D05A32DF2DC1260CEF0B6D172, 2C4361B59CD9F41519FDF14EC69F2E37E1B0635ACA476E4BEF2152C925E35F9F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
16:13:00.0403 0x147c  iPod Service - ok
16:13:00.0434 0x147c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:13:00.0559 0x147c  IRENUM - ok
16:13:00.0615 0x147c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:13:00.0662 0x147c  isapnp - ok
16:13:00.0740 0x147c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:13:00.0772 0x147c  iScsiPrt - ok
16:13:00.0819 0x147c  [ DB917B998CBC15A153C00DD6EFC34C13, 5FF4DA2C2D567AAD435730EA910016F2E9DE8BDF0A414A477B72248D16A47115 ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
16:13:00.0844 0x147c  JMCR - ok
16:13:00.0891 0x147c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:13:00.0937 0x147c  kbdclass - ok
16:13:01.0015 0x147c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:13:01.0088 0x147c  kbdhid - ok
16:13:01.0103 0x147c  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso          C:\Windows\system32\lsass.exe
16:13:01.0150 0x147c  KeyIso - ok
16:13:01.0181 0x147c  [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:13:01.0244 0x147c  KSecDD - ok
16:13:01.0285 0x147c  [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:13:01.0316 0x147c  KSecPkg - ok
16:13:01.0363 0x147c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:13:01.0472 0x147c  ksthunk - ok
16:13:01.0519 0x147c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:13:01.0613 0x147c  KtmRm - ok
16:13:01.0715 0x147c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:13:01.0793 0x147c  LanmanServer - ok
16:13:01.0856 0x147c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:13:01.0950 0x147c  LanmanWorkstation - ok
16:13:01.0981 0x147c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:13:02.0059 0x147c  lltdio - ok
16:13:02.0108 0x147c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:13:02.0179 0x147c  lltdsvc - ok
16:13:02.0226 0x147c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:13:02.0304 0x147c  lmhosts - ok
16:13:02.0353 0x147c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
16:13:02.0416 0x147c  LSI_FC - ok
16:13:02.0461 0x147c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
16:13:02.0480 0x147c  LSI_SAS - ok
16:13:02.0480 0x147c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:13:02.0511 0x147c  LSI_SAS2 - ok
16:13:02.0539 0x147c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:13:02.0580 0x147c  LSI_SCSI - ok
16:13:02.0626 0x147c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:13:02.0716 0x147c  luafv - ok
16:13:02.0893 0x147c  [ 034606B82FA5BD3E73AB427B6D55F915, F24AA57D46F3AD5FBBE29CE9E2D8798FA1FC98A9004E10EEED3D651F52A6143B ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe
16:13:02.0926 0x147c  McComponentHostService - ok
16:13:03.0027 0x147c  [ 79D51E7F5926E8CE1B3EBECEBAE28CFF, 2722E217AF11F928E58F694E5C1CC5776283A56C54E7F84401FECFBD73E91EBA ] mcdbus          C:\Windows\system32\DRIVERS\mcdbus.sys
16:13:03.0058 0x147c  mcdbus - ok
16:13:03.0107 0x147c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:13:03.0154 0x147c  Mcx2Svc - ok
16:13:03.0196 0x147c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
16:13:03.0226 0x147c  megasas - ok
16:13:03.0275 0x147c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
16:13:03.0330 0x147c  MegaSR - ok
16:13:03.0434 0x147c  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
16:13:03.0446 0x147c  Microsoft Office Groove Audit Service - ok
16:13:03.0477 0x147c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
16:13:03.0561 0x147c  MMCSS - ok
16:13:03.0587 0x147c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
16:13:03.0650 0x147c  Modem - ok
16:13:03.0697 0x147c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:13:03.0744 0x147c  monitor - ok
16:13:03.0829 0x147c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:13:03.0885 0x147c  mouclass - ok
16:13:03.0920 0x147c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:13:03.0944 0x147c  mouhid - ok
16:13:03.0980 0x147c  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:13:04.0034 0x147c  mountmgr - ok
16:13:04.0129 0x147c  [ D1CB0BC1CBA61639FE7162C5476A22C0, 80469683BD18CE0B6E9D9BD3613A63896F3D50A783EFDC15CEA28560C151C6B9 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:13:04.0144 0x147c  MozillaMaintenance - ok
16:13:04.0193 0x147c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:13:04.0259 0x147c  mpio - ok
16:13:04.0292 0x147c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:13:04.0367 0x147c  mpsdrv - ok
16:13:04.0508 0x147c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:13:04.0620 0x147c  MpsSvc - ok
16:13:04.0657 0x147c  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:13:04.0745 0x147c  MRxDAV - ok
16:13:04.0797 0x147c  [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:13:04.0892 0x147c  mrxsmb - ok
16:13:04.0924 0x147c  [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:13:04.0969 0x147c  mrxsmb10 - ok
16:13:05.0011 0x147c  [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:13:05.0050 0x147c  mrxsmb20 - ok
16:13:05.0094 0x147c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:13:05.0144 0x147c  msahci - ok
16:13:05.0213 0x147c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:13:05.0260 0x147c  msdsm - ok
16:13:05.0307 0x147c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:13:05.0354 0x147c  MSDTC - ok
16:13:05.0385 0x147c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:13:05.0473 0x147c  Msfs - ok
16:13:05.0516 0x147c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:13:05.0629 0x147c  mshidkmdf - ok
16:13:05.0665 0x147c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:13:05.0691 0x147c  msisadrv - ok
16:13:05.0728 0x147c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:13:05.0827 0x147c  MSiSCSI - ok
16:13:05.0831 0x147c  msiserver - ok
16:13:05.0861 0x147c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:13:05.0923 0x147c  MSKSSRV - ok
16:13:05.0939 0x147c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:13:06.0034 0x147c  MSPCLOCK - ok
16:13:06.0065 0x147c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:13:06.0143 0x147c  MSPQM - ok
16:13:06.0191 0x147c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:13:06.0222 0x147c  MsRPC - ok
16:13:06.0269 0x147c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
16:13:06.0284 0x147c  mssmbios - ok
16:13:06.0316 0x147c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:13:06.0380 0x147c  MSTEE - ok
16:13:06.0411 0x147c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
16:13:06.0474 0x147c  MTConfig - ok
16:13:06.0505 0x147c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:13:06.0520 0x147c  Mup - ok
16:13:06.0567 0x147c  [ 6FFECC25B39DC7652A0CEC0ADA9DB589, 927EF066CBBA8353149F8C3B7C4299AC06FED439DA874D25CFB583E5912611A2 ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
16:13:06.0583 0x147c  mwlPSDFilter - ok
16:13:06.0598 0x147c  [ 0BEFE32CA56D6EE89D58175725596A85, E36B9E6159AF7F67D549F7178896CCCB8FC3964531B1DA20CBDD465E632D8FCF ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
16:13:06.0617 0x147c  mwlPSDNServ - ok
16:13:06.0633 0x147c  [ D43BC633B8660463E446E28E14A51262, C55F235B5E08FAC6D70B0FAC737D714E318A93F8E43FF8095B86A76559AF211D ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
16:13:06.0664 0x147c  mwlPSDVDisk - ok
16:13:06.0742 0x147c  [ 2F139207F618EC2933830227EEFFDDB4, 2942452EC631BF11CCCDA397C756CBBC0337F58B215A3F02DA263818CB3BE9A9 ] MWLService      C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
16:13:06.0773 0x147c  MWLService - ok
16:13:06.0979 0x147c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:13:07.0026 0x147c  napagent - ok
16:13:07.0104 0x147c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:13:07.0182 0x147c  NativeWifiP - ok
16:13:07.0549 0x147c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:13:07.0581 0x147c  NDIS - ok
16:13:07.0627 0x147c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:13:07.0731 0x147c  NdisCap - ok
16:13:07.0778 0x147c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:13:07.0871 0x147c  NdisTapi - ok
16:13:07.0905 0x147c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:13:07.0983 0x147c  Ndisuio - ok
16:13:08.0061 0x147c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:13:08.0163 0x147c  NdisWan - ok
16:13:08.0245 0x147c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:13:08.0339 0x147c  NDProxy - ok
16:13:08.0417 0x147c  [ DC6530A291D4BDF6DF399F1F128E7F8F, 85123D802063383646EEBC60F4ABBCDBA2AE3180E99A8A99C024B1EBB0C6690E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:13:08.0466 0x147c  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
16:13:10.0862 0x147c  Detect skipped due to KSN trusted
16:13:10.0862 0x147c  Net Driver HPZ12 - ok
16:13:10.0901 0x147c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:13:11.0226 0x147c  NetBIOS - ok
16:13:11.0314 0x147c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:13:11.0644 0x147c  NetBT - ok
16:13:11.0670 0x147c  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon        C:\Windows\system32\lsass.exe
16:13:11.0712 0x147c  Netlogon - ok
16:13:11.0777 0x147c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:13:11.0869 0x147c  Netman - ok
16:13:11.0984 0x147c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:13:12.0056 0x147c  NetMsmqActivator - ok
16:13:12.0068 0x147c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:13:12.0093 0x147c  NetPipeActivator - ok
16:13:12.0183 0x147c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:13:12.0289 0x147c  netprofm - ok
16:13:12.0339 0x147c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:13:12.0363 0x147c  NetTcpActivator - ok
16:13:12.0374 0x147c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:13:12.0398 0x147c  NetTcpPortSharing - ok
16:13:13.0085 0x147c  [ 4D85A450EDEF10C38882182753A49AAE, FB6C2D91B2CF834315498BB31F931E2A49066A3158A588FD705F59628DF2F8FC ] NETw5s64        C:\Windows\system32\DRIVERS\NETw5s64.sys
16:13:13.0498 0x147c  NETw5s64 - ok
16:13:13.0827 0x147c  [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
16:13:14.0171 0x147c  netw5v64 - ok
16:13:14.0226 0x147c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
16:13:14.0269 0x147c  nfrd960 - ok
16:13:14.0354 0x147c  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:13:14.0489 0x147c  NlaSvc - ok
16:13:14.0513 0x147c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:13:14.0595 0x147c  Npfs - ok
16:13:14.0681 0x147c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:13:14.0733 0x147c  nsi - ok
16:13:14.0760 0x147c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:13:14.0839 0x147c  nsiproxy - ok
16:13:15.0088 0x147c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:13:15.0192 0x147c  Ntfs - ok
16:13:15.0235 0x147c  [ F9B8245BEFA165E1311AF101387BDF5D, BF497BBAF82864AEB8E741DC666C934A02BEE4EC8E956BAE92891B88DFA58261 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
16:13:15.0255 0x147c  NTI IScheduleSvc - ok
16:13:15.0285 0x147c  [ FD324CCE1D4D5BB5AF65F8E55B462C7E, 901287499F33EFD3B1EE6CBDAD4E4DD342DC62FCDCCEF5375CB9D7B0673EE1E6 ] NTIBackupSvc    C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
16:13:15.0302 0x147c  NTIBackupSvc - ok
16:13:15.0342 0x147c  [ 64DDD0DEE976302F4BD93E5EFCC2F013, 19F54B4549999EF96FAE1B2B97973F281304843ADE0CF5823574453AB41E3E9C ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
16:13:15.0396 0x147c  NTIDrvr - ok
16:13:15.0450 0x147c  [ 3F6268A2EC33CD38CF75C880AF8DED42, 6CA4A527878042C3BB40A7C0F4F9434827C7E60F989EB7C39BBAD0F270404EEE ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
16:13:15.0484 0x147c  NTISchedulerSvc - ok
16:13:15.0512 0x147c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:13:15.0612 0x147c  Null - ok
16:13:15.0691 0x147c  [ CB599955CE2CE9694721562F9481CD84, DC8B802396E9D0F11D1855A622E7438711C029D3B76550A953A44CEB8A7E468F ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
16:13:15.0713 0x147c  NVHDA - ok
16:13:16.0624 0x147c  [ EF2483EC699C3BBC73A1031B4CED49C5, 36A32A1D0EFF34137D993F418EF22CE117CD3023682B16F426C40722057A97DE ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:13:17.0284 0x147c  nvlddmkm - ok
16:13:17.0402 0x147c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:13:17.0459 0x147c  nvraid - ok
16:13:17.0498 0x147c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:13:17.0569 0x147c  nvstor - ok
16:13:17.0630 0x147c  [ A7F752D5F51CB36432767168F328C9CE, 969A02EAA9DD290B2D82D1906E2A0003C71C5519FD6C88EDBBF47150C046F2C1 ] nvsvc           C:\Windows\system32\nvvsvc.exe
16:13:17.0660 0x147c  nvsvc - ok
16:13:17.0721 0x147c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:13:17.0774 0x147c  nv_agp - ok
16:13:17.0987 0x147c  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:13:18.0020 0x147c  odserv - ok
16:13:18.0079 0x147c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:13:18.0136 0x147c  ohci1394 - ok
16:13:18.0255 0x147c  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:13:18.0275 0x147c  ose - ok
16:13:18.0352 0x147c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:13:18.0458 0x147c  p2pimsvc - ok
16:13:18.0488 0x147c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:13:18.0598 0x147c  p2psvc - ok
16:13:18.0637 0x147c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
16:13:18.0673 0x147c  Parport - ok
16:13:18.0751 0x147c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:13:18.0776 0x147c  partmgr - ok
16:13:18.0840 0x147c  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:13:18.0942 0x147c  PcaSvc - ok
16:13:18.0973 0x147c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:13:19.0060 0x147c  pci - ok
16:13:19.0094 0x147c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:13:19.0141 0x147c  pciide - ok
16:13:19.0174 0x147c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
16:13:19.0227 0x147c  pcmcia - ok
16:13:19.0243 0x147c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:13:19.0308 0x147c  pcw - ok
16:13:19.0418 0x147c  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:13:19.0496 0x147c  PEAUTH - ok
16:13:19.0605 0x147c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:13:19.0824 0x147c  PerfHost - ok
16:13:20.0073 0x147c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:13:20.0245 0x147c  pla - ok
16:13:20.0401 0x147c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:13:20.0510 0x147c  PlugPlay - ok
16:13:20.0573 0x147c  [ 71F62C51DFDFBC04C83C5C64B2B8058E, CAB12E6D27BE421BD5A3CB04066EA50303A3210332ECC4B5C03B5F19735FC857 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:13:20.0619 0x147c  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
16:13:23.0014 0x147c  Detect skipped due to KSN trusted
16:13:23.0014 0x147c  Pml Driver HPZ12 - ok
16:13:23.0048 0x147c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:13:23.0134 0x147c  PNRPAutoReg - ok
16:13:23.0163 0x147c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:13:23.0209 0x147c  PNRPsvc - ok
16:13:23.0369 0x147c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:13:23.0494 0x147c  PolicyAgent - ok
16:13:23.0550 0x147c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
16:13:23.0628 0x147c  Power - ok
16:13:23.0700 0x147c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:13:23.0960 0x147c  PptpMiniport - ok
16:13:24.0035 0x147c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
16:13:24.0148 0x147c  Processor - ok
16:13:24.0227 0x147c  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:13:24.0310 0x147c  ProfSvc - ok
16:13:24.0341 0x147c  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\Windows\system32\lsass.exe
16:13:24.0379 0x147c  ProtectedStorage - ok
16:13:24.0503 0x147c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:13:24.0579 0x147c  Psched - ok
16:13:24.0848 0x147c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
16:13:24.0951 0x147c  ql2300 - ok
16:13:24.0978 0x147c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
16:13:25.0025 0x147c  ql40xx - ok
16:13:25.0072 0x147c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:13:25.0134 0x147c  QWAVE - ok
16:13:25.0169 0x147c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:13:25.0278 0x147c  QWAVEdrv - ok
16:13:25.0318 0x147c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:13:25.0389 0x147c  RasAcd - ok
16:13:25.0476 0x147c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:13:25.0610 0x147c  RasAgileVpn - ok
16:13:25.0672 0x147c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:13:25.0762 0x147c  RasAuto - ok
16:13:25.0856 0x147c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:13:25.0981 0x147c  Rasl2tp - ok
16:13:26.0076 0x147c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:13:26.0173 0x147c  RasMan - ok
16:13:26.0288 0x147c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:13:26.0393 0x147c  RasPppoe - ok
16:13:26.0440 0x147c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:13:26.0555 0x147c  RasSstp - ok
16:13:26.0649 0x147c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:13:26.0816 0x147c  rdbss - ok
16:13:26.0858 0x147c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
16:13:26.0922 0x147c  rdpbus - ok
16:13:26.0954 0x147c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:13:27.0063 0x147c  RDPCDD - ok
16:13:27.0129 0x147c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:13:27.0224 0x147c  RDPENCDD - ok
16:13:27.0256 0x147c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:13:27.0335 0x147c  RDPREFMP - ok
16:13:27.0382 0x147c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:13:27.0507 0x147c  RDPWD - ok
16:13:27.0554 0x147c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:13:27.0726 0x147c  rdyboost - ok
16:13:27.0776 0x147c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:13:27.0903 0x147c  RemoteAccess - ok
16:13:27.0998 0x147c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:13:28.0109 0x147c  RemoteRegistry - ok
16:13:28.0171 0x147c  [ 7B04C9843921AB1F695FB395422C5360, C9B02BE0384357FD242613C2A12029B45322AF9A795CD69F33500CA7530899A7 ] RimUsb          C:\Windows\system32\Drivers\RimUsb_AMD64.sys
16:13:28.0296 0x147c  RimUsb - ok
16:13:28.0378 0x147c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:13:28.0486 0x147c  RpcEptMapper - ok
16:13:28.0526 0x147c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:13:28.0573 0x147c  RpcLocator - ok
16:13:28.0666 0x147c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
16:13:28.0713 0x147c  RpcSs - ok
16:13:28.0760 0x147c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:13:28.0824 0x147c  rspndr - ok
16:13:28.0902 0x147c  [ B5A4B7D779CF4070DF408DE18BD33B02, 45D68D32AE10DB0D76F3455DF84ACD2289485C38FC411B71C2DD3E0FB9923473 ] RS_Service      C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
16:13:28.0934 0x147c  RS_Service - detected UnsignedFile.Multi.Generic ( 1 )
16:13:31.0326 0x147c  Detect skipped due to KSN trusted
16:13:31.0326 0x147c  RS_Service - ok
16:13:31.0361 0x147c  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] SamSs           C:\Windows\system32\lsass.exe
16:13:31.0382 0x147c  SamSs - ok
16:13:31.0430 0x147c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:13:31.0568 0x147c  sbp2port - ok
16:13:31.0692 0x147c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:13:31.0769 0x147c  SCardSvr - ok
16:13:31.0854 0x147c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:13:31.0973 0x147c  scfilter - ok
16:13:32.0156 0x147c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
16:13:32.0293 0x147c  Schedule - ok
16:13:32.0371 0x147c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:13:32.0421 0x147c  SCPolicySvc - ok
16:13:32.0517 0x147c  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\drivers\sdbus.sys
16:13:32.0548 0x147c  sdbus - ok
16:13:32.0626 0x147c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:13:32.0743 0x147c  SDRSVC - ok
16:13:32.0805 0x147c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:13:32.0899 0x147c  secdrv - ok
16:13:32.0969 0x147c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
16:13:33.0078 0x147c  seclogon - ok
16:13:33.0152 0x147c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
16:13:33.0227 0x147c  SENS - ok
16:13:33.0274 0x147c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:13:33.0401 0x147c  SensrSvc - ok
16:13:33.0447 0x147c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:13:33.0525 0x147c  Serenum - ok
16:13:33.0572 0x147c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:13:33.0635 0x147c  Serial - ok
16:13:33.0699 0x147c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
16:13:33.0777 0x147c  sermouse - ok
16:13:33.0886 0x147c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
16:13:33.0972 0x147c  SessionEnv - ok
16:13:34.0003 0x147c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:13:34.0113 0x147c  sffdisk - ok
16:13:34.0181 0x147c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:13:34.0243 0x147c  sffp_mmc - ok
16:13:34.0259 0x147c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:13:34.0337 0x147c  sffp_sd - ok
16:13:34.0416 0x147c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
16:13:34.0512 0x147c  sfloppy - ok
16:13:34.0605 0x147c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:13:34.0692 0x147c  SharedAccess - ok
16:13:34.0792 0x147c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:13:34.0855 0x147c  ShellHWDetection - ok
16:13:34.0886 0x147c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:13:34.0989 0x147c  SiSRaid2 - ok
16:13:35.0020 0x147c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
16:13:35.0098 0x147c  SiSRaid4 - ok
16:13:35.0373 0x147c  [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:13:35.0398 0x147c  SkypeUpdate - ok
16:13:35.0476 0x147c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:13:35.0585 0x147c  Smb - ok
16:13:35.0689 0x147c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:13:35.0751 0x147c  SNMPTRAP - ok
16:13:35.0798 0x147c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:13:35.0814 0x147c  spldr - ok
16:13:35.0955 0x147c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
16:13:36.0090 0x147c  Spooler - ok
16:13:36.0579 0x147c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:13:36.0835 0x147c  sppsvc - ok
16:13:36.0913 0x147c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:13:37.0055 0x147c  sppuinotify - ok
16:13:37.0165 0x147c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:13:37.0431 0x147c  srv - ok
16:13:37.0525 0x147c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:13:37.0739 0x147c  srv2 - ok
16:13:37.0835 0x147c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:13:37.0983 0x147c  srvnet - ok
16:13:38.0061 0x147c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:13:38.0172 0x147c  SSDPSRV - ok
16:13:38.0235 0x147c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:13:38.0298 0x147c  SstpSvc - ok
16:13:38.0361 0x147c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
16:13:38.0470 0x147c  stexstor - ok
16:13:38.0724 0x147c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
16:13:38.0880 0x147c  stisvc - ok
16:13:38.0992 0x147c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
16:13:39.0101 0x147c  swenum - ok
16:13:39.0305 0x147c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:13:39.0507 0x147c  swprv - ok
16:13:39.0627 0x147c  [ BCF305959B53B200CEB2AD25AD22F8A7, 74F71313A87C1FDDE2B373EA8D30346D47669CAA7CCE83AB6F8452C268F65787 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
16:13:39.0690 0x147c  SynTP - ok
16:13:39.0958 0x147c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
16:13:40.0114 0x147c  SysMain - ok
16:13:40.0178 0x147c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:13:40.0667 0x147c  TabletInputService - ok
16:13:40.0752 0x147c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:13:41.0047 0x147c  TapiSrv - ok
16:13:41.0079 0x147c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
16:13:41.0188 0x147c  TBS - ok
16:13:41.0485 0x147c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:13:41.0615 0x147c  Tcpip - ok
16:13:41.0989 0x147c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:13:42.0052 0x147c  TCPIP6 - ok
16:13:42.0194 0x147c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:13:42.0273 0x147c  tcpipreg - ok
16:13:42.0352 0x147c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:13:42.0558 0x147c  TDPIPE - ok
16:13:42.0633 0x147c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:13:42.0664 0x147c  TDTCP - ok
16:13:42.0775 0x147c  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:13:42.0981 0x147c  tdx - ok
16:13:43.0060 0x147c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
16:13:43.0122 0x147c  TermDD - ok
16:13:43.0258 0x147c  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
16:13:43.0367 0x147c  TermService - ok
16:13:43.0430 0x147c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
16:13:43.0463 0x147c  Themes - ok
16:13:43.0510 0x147c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
16:13:43.0557 0x147c  THREADORDER - ok
16:13:43.0635 0x147c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
16:13:43.0728 0x147c  TrkWks - ok
16:13:43.0853 0x147c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:13:43.0947 0x147c  TrustedInstaller - ok
16:13:44.0042 0x147c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:13:44.0089 0x147c  tssecsrv - ok
16:13:44.0188 0x147c  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:13:44.0283 0x147c  TsUsbFlt - ok
16:13:44.0411 0x147c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:13:44.0536 0x147c  tunnel - ok
16:13:44.0567 0x147c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
16:13:44.0632 0x147c  uagp35 - ok
16:13:44.0679 0x147c  [ 2E22C1FD397A5A9FFEF55E9D1FC96C00, 4646712B3F3AF6188DBCE1A95D92261E8B15E9583FE5DD538EC884F48B51759D ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
16:13:44.0726 0x147c  UBHelper - ok
16:13:44.0804 0x147c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:13:44.0978 0x147c  udfs - ok
16:13:45.0040 0x147c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:13:45.0150 0x147c  UI0Detect - ok
16:13:45.0181 0x147c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:13:45.0212 0x147c  uliagpkx - ok
16:13:45.0321 0x147c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:13:45.0415 0x147c  umbus - ok
16:13:45.0495 0x147c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
16:13:45.0574 0x147c  UmPass - ok
16:13:45.0710 0x147c  [ 70DDE3A86DBEB1D6C3C30AD687B1877A, 2DAE797240DB8F521F1C9D1171524790052E186B060D58A1B102FBFFC80CE48E ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
16:13:45.0725 0x147c  Updater Service - ok
16:13:45.0805 0x147c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
16:13:45.0947 0x147c  upnphost - ok
16:13:46.0042 0x147c  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
16:13:46.0151 0x147c  USBAAPL64 - ok
16:13:46.0198 0x147c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:13:46.0433 0x147c  usbccgp - ok
16:13:46.0496 0x147c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:13:46.0615 0x147c  usbcir - ok
16:13:46.0677 0x147c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:13:46.0759 0x147c  usbehci - ok
16:13:46.0837 0x147c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:13:46.0931 0x147c  usbhub - ok
16:13:46.0978 0x147c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
16:13:47.0071 0x147c  usbohci - ok
16:13:47.0118 0x147c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:13:47.0250 0x147c  usbprint - ok
16:13:47.0326 0x147c  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
16:13:47.0438 0x147c  usbscan - ok
16:13:47.0516 0x147c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:13:47.0642 0x147c  USBSTOR - ok
16:13:47.0720 0x147c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
16:13:47.0822 0x147c  usbuhci - ok
16:13:47.0931 0x147c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
16:13:48.0056 0x147c  usbvideo - ok
16:13:48.0087 0x147c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
16:13:48.0168 0x147c  UxSms - ok
16:13:48.0269 0x147c  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc        C:\Windows\system32\lsass.exe
16:13:48.0285 0x147c  VaultSvc - ok
16:13:48.0347 0x147c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:13:48.0380 0x147c  vdrvroot - ok
16:13:48.0484 0x147c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
16:13:48.0578 0x147c  vds - ok
16:13:48.0679 0x147c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:13:48.0711 0x147c  vga - ok
16:13:48.0742 0x147c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:13:48.0836 0x147c  VgaSave - ok
16:13:48.0914 0x147c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:13:49.0036 0x147c  vhdmp - ok
16:13:49.0131 0x147c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:13:49.0222 0x147c  viaide - ok
16:13:49.0264 0x147c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:13:49.0309 0x147c  volmgr - ok
16:13:49.0429 0x147c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:13:49.0540 0x147c  volmgrx - ok
16:13:49.0669 0x147c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:13:49.0772 0x147c  volsnap - ok
16:13:49.0947 0x147c  [ B9B364EAD1438DD80A820D214E821D28, FF93A9289961378CA89D708519CB27D9ABB27D8556985AB4A40DEEFE86F1FBE0 ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
16:13:49.0982 0x147c  vpnagent - ok
16:13:50.0092 0x147c  [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva           C:\Windows\system32\DRIVERS\vpnva64-6.sys
16:13:50.0155 0x147c  vpnva - ok
16:13:50.0210 0x147c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
16:13:50.0279 0x147c  vsmraid - ok
16:13:50.0518 0x147c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
16:13:50.0721 0x147c  VSS - ok
16:13:50.0766 0x147c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:13:50.0856 0x147c  vwifibus - ok
16:13:50.0912 0x147c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:13:51.0036 0x147c  vwififlt - ok
16:13:51.0116 0x147c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
16:13:51.0163 0x147c  vwifimp - ok
16:13:51.0258 0x147c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
16:13:51.0323 0x147c  W32Time - ok
16:13:51.0369 0x147c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
16:13:51.0447 0x147c  WacomPen - ok
16:13:51.0557 0x147c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:13:51.0713 0x147c  WANARP - ok
16:13:51.0791 0x147c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:13:51.0853 0x147c  Wanarpv6 - ok
16:13:52.0284 0x147c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
16:13:52.0486 0x147c  WatAdminSvc - ok
16:13:52.0888 0x147c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
16:13:53.0131 0x147c  wbengine - ok
16:13:53.0266 0x147c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:13:53.0440 0x147c  WbioSrvc - ok
16:13:53.0549 0x147c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:13:53.0705 0x147c  wcncsvc - ok
16:13:53.0752 0x147c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:13:53.0861 0x147c  WcsPlugInService - ok
16:13:53.0924 0x147c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
16:13:53.0988 0x147c  Wd - ok
16:13:54.0128 0x147c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:13:54.0207 0x147c  Wdf01000 - ok
16:13:54.0272 0x147c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:13:54.0844 0x147c  WdiServiceHost - ok
16:13:54.0876 0x147c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:13:54.0907 0x147c  WdiSystemHost - ok
16:13:55.0019 0x147c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
16:13:55.0169 0x147c  WebClient - ok
16:13:55.0241 0x147c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:13:55.0335 0x147c  Wecsvc - ok
16:13:55.0366 0x147c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:13:55.0444 0x147c  wercplsupport - ok
16:13:55.0555 0x147c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:13:55.0618 0x147c  WerSvc - ok
16:13:55.0727 0x147c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:13:55.0805 0x147c  WfpLwf - ok
16:13:55.0836 0x147c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:13:55.0883 0x147c  WIMMount - ok
16:13:55.0945 0x147c  WinDefend - ok
16:13:55.0976 0x147c  WinHttpAutoProxySvc - ok
16:13:56.0172 0x147c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:13:56.0281 0x147c  Winmgmt - ok
16:13:56.0517 0x147c  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
16:13:56.0814 0x147c  WinRM - ok
16:13:57.0010 0x147c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
16:13:57.0072 0x147c  WinUsb - ok
16:13:57.0317 0x147c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:13:57.0411 0x147c  Wlansvc - ok
16:13:57.0473 0x147c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:13:57.0522 0x147c  WmiAcpi - ok
16:13:57.0647 0x147c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:13:57.0725 0x147c  wmiApSrv - ok
16:13:57.0803 0x147c  WMPNetworkSvc - ok
16:13:57.0850 0x147c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:13:57.0912 0x147c  WPCSvc - ok
16:13:57.0983 0x147c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:13:58.0045 0x147c  WPDBusEnum - ok
16:13:58.0109 0x147c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:13:58.0187 0x147c  ws2ifsl - ok
16:13:58.0234 0x147c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
16:13:58.0344 0x147c  wscsvc - ok
16:13:58.0409 0x147c  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
16:13:58.0487 0x147c  WSDPrintDevice - ok
16:13:58.0487 0x147c  WSearch - ok
16:13:59.0211 0x147c  [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:13:59.0493 0x147c  wuauserv - ok
16:13:59.0571 0x147c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:13:59.0665 0x147c  WudfPf - ok
16:13:59.0790 0x147c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\drivers\WUDFRd.sys
16:13:59.0930 0x147c  WUDFRd - ok
16:13:59.0985 0x147c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:14:00.0063 0x147c  wudfsvc - ok
16:14:00.0157 0x147c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:14:00.0285 0x147c  WwanSvc - ok
16:14:00.0395 0x147c  ================ Scan global ===============================
16:14:00.0473 0x147c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:14:00.0599 0x147c  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
16:14:00.0646 0x147c  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
16:14:00.0724 0x147c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:14:00.0881 0x147c  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
16:14:00.0912 0x147c  [ Global ] - ok
16:14:00.0912 0x147c  ================ Scan MBR ==================================
16:14:00.0927 0x147c  [ 9C51D3FD2697BD2AE931BE1D6F1E6FFA ] \Device\Harddisk0\DR0
16:14:02.0843 0x147c  \Device\Harddisk0\DR0 - ok
16:14:02.0843 0x147c  ================ Scan VBR ==================================
16:14:02.0859 0x147c  [ 217A2400DF100BF70D5F95A52F6820F6 ] \Device\Harddisk0\DR0\Partition1
16:14:02.0977 0x147c  \Device\Harddisk0\DR0\Partition1 - ok
16:14:03.0008 0x147c  [ B0BBD2C3291EE13C7B2564AC5867F66B ] \Device\Harddisk0\DR0\Partition2
16:14:03.0080 0x147c  \Device\Harddisk0\DR0\Partition2 - ok
16:14:03.0080 0x147c  ================ Scan generic autorun ======================
16:14:03.0216 0x147c  [ 5AF1E9600E3FF841E522703A4993ED0C, 5189530793747C40B0E3548DA40058989C88A69C593C3E54E6548CFB89B9CE10 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
16:14:03.0247 0x147c  IAAnotif - ok
16:14:04.0364 0x147c  [ C7065803783E15DE2A1281D81D849398, 1B4592F0C68BD70A8833418723E6C7EA912478189AAC3D906B2C19E86810122E ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
16:14:04.0608 0x147c  RtHDVCpl - ok
16:14:04.0785 0x147c  [ EACD1E5D078CCE955A6EDC42FDE207F3, 0ADB01D9AD339F59673F425ACACDAA1FFF641A483A6E078B935B5CD5134C7050 ] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe
16:14:04.0831 0x147c  Acer ePower Management - ok
16:14:04.0894 0x147c  [ 97909391D25CC325AC73A804DD96338F, EDC84B5A1470DBC760BDBCE9841D7C24AF27FC12F4F81EF17238E730D2F7AFEA ] C:\Windows\system32\igfxtray.exe
16:14:04.0941 0x147c  IgfxTray - ok
16:14:05.0019 0x147c  [ 5F8508700D0DCAFA082B996BD56BD1F8, 721033A591D6CA5341437A1C834A2ECF000FCDF0EF749B5256CDC1C114A50ECB ] C:\Windows\system32\hkcmd.exe
16:14:05.0081 0x147c  HotKeysCmds - ok
16:14:05.0160 0x147c  [ 7B81880AC42048E7C7553545A59247CA, C17713E5A2F98E2D297E940B509FE16AA38DB1BA4769EDBD1B8E2BFF127472E7 ] C:\Windows\system32\igfxpers.exe
16:14:05.0191 0x147c  Persistence - ok
16:14:05.0191 0x147c  NvCplDaemon - ok
16:14:05.0191 0x147c  SynTPEnh - ok
16:14:05.0521 0x147c  [ A58C6C5E5953B3C837537BBCF3767E69, 398C1D04BEF85E9FC6E1EE42F7341DE4302FF66ADC054A03D12253D261A6F589 ] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
16:14:05.0568 0x147c  COMODO Internet Security - ok
16:14:05.0771 0x147c  [ 887E31727394E2998A471A01A521EAB4, E68D0C778BAAB307E6BDDA151787D31FC16AD83ADE3FE848353998D111A9AC0C ] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
16:14:05.0818 0x147c  DivXMediaServer - detected UnsignedFile.Multi.Generic ( 1 )
16:14:08.0212 0x147c  Detect skipped due to KSN trusted
16:14:08.0212 0x147c  DivXMediaServer - ok
16:14:08.0338 0x147c  [ 22B6BC5733A4447721BC8FA8A2BE7BE2, D58E032C7094E63E17ACB1BB93686F7821797FAC9317D18957D924538ED6958E ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
16:14:08.0370 0x147c  Cisco AnyConnect Secure Mobility Agent for Windows - ok
16:14:08.0595 0x147c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:14:08.0689 0x147c  Sidebar - ok
16:14:08.0767 0x147c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:14:08.0838 0x147c  mctadmin - ok
16:14:09.0036 0x147c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:14:09.0083 0x147c  Sidebar - ok
16:14:09.0114 0x147c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:14:09.0145 0x147c  mctadmin - ok
16:14:09.0437 0x147c  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
16:14:09.0562 0x147c  Sidebar - ok
16:14:10.0125 0x147c  [ 3BBEC4CC2A388B4C5D1EFE20EAD7D98F, CBC6603819660C63E09F13D9F541394F3BFED3A3D6F1BDE85843FDF4C162D566 ] C:\Users\Basti\AppData\Local\Google\Chrome\Application\chrome.exe
16:14:10.0162 0x147c  GoogleChromeAutoLaunch_63D8154278637FAC558C6DCA49B059DF - ok
16:14:10.0973 0x147c  [ 5B2563A9BE9FAAC40763ADB6E5D4B75B, 85FB1B2D2163C2BB50A26BB7FF0E293E46163E790B67FF29800518841FC62157 ] C:\Users\Basti\AppData\Roaming\Spotify\SpotifyWebHelper.exe
16:14:11.0051 0x147c  Spotify Web Helper - ok
16:14:11.0145 0x147c  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] C:\Users\Basti\AppData\Local\Google\Update\GoogleUpdate.exe
16:14:11.0161 0x147c  Google Update - ok
16:14:11.0161 0x147c  Waiting for KSN requests completion. In queue: 15
16:14:12.0171 0x147c  Waiting for KSN requests completion. In queue: 15
16:14:13.0186 0x147c  Waiting for KSN requests completion. In queue: 15
16:14:14.0677 0x147c  AV detected via SS2: COMODO Antivirus, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 8.0.0.4344 ), 0x61000 ( enabled : updated )
16:14:14.0677 0x147c  FW detected via SS2: COMODO Firewall, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 8.0.0.4344 ), 0x61010 ( enabled )
16:14:17.0134 0x147c  ============================================================
16:14:17.0134 0x147c  Scan finished
16:14:17.0134 0x147c  ============================================================
16:14:17.0149 0x1790  Detected object count: 0
16:14:17.0149 0x1790  Actual detected object count: 0
16:14:54.0434 0x1578  Deinitialize success
         
Hallo,

ich musste einfach den Dienst "Design" neustarten...
Danke trotzdem.

BG

Alt 25.07.2015, 11:41   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Update? Aero Design weg - bei mir auch - Standard

Windows Update? Aero Design weg - bei mir auch



Kannst trotzdem noch die ADware deinstallieren

Yahoo Community Smartbar

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Windows Update? Aero Design weg - bei mir auch
aero design, design, installier, installiert, kollege, laufe, laufen, problem, scan, update, windows, windows 7 update fehler, windows update



Ähnliche Themen: Windows Update? Aero Design weg - bei mir auch


  1. Windows 7 Aero Design funktioniert plötzlich nicht mehr // Service "Sitzungs-Manager für Desktopfenster-Manager" macht Probleme
    Alles rund um Windows - 18.04.2016 (10)
  2. Windows 7 Aero funktion nicht.
    Alles rund um Windows - 28.10.2015 (9)
  3. Windows Update? Aero Design weg
    Plagegeister aller Art und deren Bekämpfung - 24.07.2015 (1)
  4. Windows 7 Update Code 8008005 Unbekannte Fehler bei Windows Update
    Log-Analyse und Auswertung - 08.02.2015 (15)
  5. Windows Update funktioniert nicht / Firefox Update mischt auch mit
    Alles rund um Windows - 18.01.2013 (2)
  6. Virus Windows Update Ukash..mich hats auch getroffen.Hier die Log Files...
    Log-Analyse und Auswertung - 14.06.2012 (30)
  7. Windows hat kurz auf AERO gewechselt und zurück
    Plagegeister aller Art und deren Bekämpfung - 11.12.2011 (1)
  8. Probleme bei Öffnen von Programmen und Windows Design ungewollte Änderung
    Plagegeister aller Art und deren Bekämpfung - 04.05.2011 (9)
  9. Windows Design weg und Internet Browser gesperrt!
    Antiviren-, Firewall- und andere Schutzprogramme - 17.03.2010 (1)
  10. Windows XP Design will nicht übernehmen!
    Plagegeister aller Art und deren Bekämpfung - 24.08.2009 (2)
  11. !Hilfe!Habe Probleme mit Windows Design:(
    Alles rund um Windows - 05.02.2009 (11)
  12. Aero Funktion
    Alles rund um Windows - 10.10.2008 (7)
  13. Virus? CPU-Auslastung, Soundkarte, Windows Design
    Log-Analyse und Auswertung - 12.05.2007 (2)
  14. Kann keine Designs mehr außer dem klassichen Windows Design nutzen.
    Log-Analyse und Auswertung - 11.02.2007 (5)
  15. Nette Windows Oberfläche im Mac Design
    Alles rund um Windows - 28.09.2006 (7)
  16. Windows Update geht auch ned...
    Alles rund um Windows - 05.05.2005 (1)
  17. regedit für klassisches windows-design
    Alles rund um Windows - 24.04.2005 (13)

Zum Thema Windows Update? Aero Design weg - bei mir auch - Hallo, ich habe das gleiche Problem wie der Kollege ( http://www.trojaner-board.de/168960-...esign-weg.html ) Habe nun, wie in seinem Problem beschrieben FRST installiert und den Scan laufen lassen: Kann mir diesbezüglich jemand - Windows Update? Aero Design weg - bei mir auch...
Archiv
Du betrachtest: Windows Update? Aero Design weg - bei mir auch auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.