Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 22.04.2016, 15:22   #1
A-und-T
 
WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt - Standard

WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt



Moin Moin,

meine Frau hat an ihren web.de Mailaccount eine Ebay-Mahnung erhalten von Sachbearbeiter@ebay.de (Wenn man über den Absender fährt, steht dann dort als Absender amazon.de?!). Da in der Mail persönliche Daten wie Name, Anschrift und Telefonnummer angeführt waren, hat Sie den Anhang (eine Zip-Datei) geöffnet. Diese hat sie danach in den Papierkorb geschoben. Eine Übersicht der beiden dort enthaltenen Dateien habe ich als "inhalt Papierkorb" per Snipping Tool beigefügt.

Das seitens Windows inkludierte Antivirenprogramm zeigte einen grünen Haken. Letztes Update der Virensignaturen war gestern. Ich wollte das Microsoft inkludierte Antivirenprogramm updaten und einen vollständigen Kontrollauf starten, jedoch war das Update nicht möglich. Nach gut einem Viertel des Downloads zeigte der Fortschrittsanzeiger minutenlang keine Veränderungen mehr. Ich habe das Programm dann hart über den Task-Manager geschlossen. Lt. meiner Frau hatte Sie keine Meldungen des Virenscanners erhalten. Somit bin ich mir nicht sicher, ob Sie die Zip-Datei tatsächlich ausgeführt hat.


Vielen Dank im voraus für eure Unterstützung! Als Anlage ist das Bild des Snipping Tools beigefügt.



FRST.txt
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
durchgeführt von Anja Könemann-Meyer (Administrator) auf ANJAKÖNEMANN (22-04-2016 15:58:36)
Gestartet von C:\Users\Anja Könemann-Meyer\Desktop
Geladene Profile: Anja Könemann-Meyer (Verfügbare Profile: Anja Könemann-Meyer)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(Spotify Ltd) C:\Users\Anja Könemann-Meyer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860040 2010-10-29] (Acer Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11619432 2010-11-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2185832 2010-11-26] (Realtek Semiconductor)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-25] (CANON INC.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-14] (Intel Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1025616 2010-12-09] (Dritek System Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2015-12-23] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\Run: [Spotify Web Helper] => C:\Users\Anja Könemann-Meyer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-11-22] (Spotify Ltd)
HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\Run: [Dropbox Update] => C:\Users\Anja Könemann-Meyer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-20] (Dropbox, Inc.)
HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-1580922863-27489201-3224137613-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [456224 2010-07-29] ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog9 01 C:\Windows\system32\LavasoftTcpService.dll Keine Datei 
Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll Keine Datei 
Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll Keine Datei 
Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll Keine Datei 
Winsock: Catalog9 15 C:\Windows\system32\LavasoftTcpService.dll Keine Datei 
Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-11-01] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-11-01] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-11-01] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-11-01] (Lavasoft Limited)
Winsock: Catalog9-x64 15 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-11-01] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{412A188C-9B1E-4B33-A51E-DC384474650A}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{D5B69A84-AB52-4A15-B29E-FDA71F5106C3}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-1580922863-27489201-3224137613-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1580922863-27489201-3224137613-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D071815-A166D148A50&form=CONMHP&conlogo=CT3334470
HKU\S-1-5-21-1580922863-27489201-3224137613-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1580922863-27489201-3224137613-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D071815-A166D148A50&form=CONBDF&conlogo=CT3334470&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1580922863-27489201-3224137613-1001 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKU\S-1-5-21-1580922863-27489201-3224137613-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D071815-A166D148A50&form=CONBDF&conlogo=CT3334470&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-26] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-26] (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
DPF: HKLM-x32 {271A3CF5-5A54-447B-A08F-BE805F0DA60B} hxxps://www.olb.de/olb_fb3_1883/plugin/AXFOAM.CAB

FireFox:
========
FF ProfilePath: C:\Users\Anja Könemann-Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\41tisswg.default
FF NewTab: hxxp://www.bing.com/?pc=COSP&ptag=D071815-A166D148A50&form=CONMHP&conlogo=CT3334470
FF DefaultSearchEngine: Bing®
FF SelectedSearchEngine: Bing®
FF Homepage: www.web.de
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-14] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1580922863-27489201-3224137613-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll [2012-09-15] (Amazon.com, Inc.)
FF SearchPlugin: C:\Users\Anja Könemann-Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\41tisswg.default\searchplugins\bing-lavasoft.xml [2016-04-13]
FF Extension: X-notifier - C:\Users\Anja Könemann-Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\41tisswg.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2016-01-16]
FF Extension: OLB - C:\Users\Anja Könemann-Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\41tisswg.default\extensions\{C752FF21-A8EF-468E-B507-5BBAFB84359D} [2016-03-02]
FF Extension: DDBAC Plug-In - C:\Users\Anja Könemann-Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\41tisswg.default\Extensions\{271A3CF5-5A54-447B-A08F-BE805F0DA60A} [2013-11-07] [ist nicht signiert]
FF Extension: Video DownloadHelper - C:\Users\Anja Könemann-Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\41tisswg.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-04-12]

Chrome: 
=======
CHR Profile: C:\Users\Anja Könemann-Meyer\AppData\Local\Google\Chrome\User Data\Default

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S2 CLKMSVC10_34E30CCC; C:\Program Files (x86)\Acer\clear.fi\Movie\NavFilter\kmsvc.exe [254448 2010-11-25] (CyberLink)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-12-23] (Freemake) [Datei ist nicht signiert]
S2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2016-04-13] (Lavasoft Limited)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [17168 2016-04-13] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2015-04-28] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-04-28] (SlySoft, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-22 15:58 - 2016-04-22 15:59 - 00020488 _____ C:\Users\Anja Könemann-Meyer\Desktop\FRST.txt
2016-04-22 15:58 - 2016-04-22 15:58 - 00000000 ____D C:\FRST
2016-04-22 15:57 - 2016-04-22 15:57 - 02375680 _____ (Farbar) C:\Users\Anja Könemann-Meyer\Desktop\FRST64.exe
2016-04-22 15:52 - 2016-04-22 15:52 - 00016859 _____ C:\Users\Anja Könemann-Meyer\Desktop\RCcyODBr.htm
2016-04-22 14:04 - 2016-04-22 14:05 - 00505224 _____ C:\Users\Anja Könemann-Meyer\Downloads\Anja Könemann-meyer Stellvertretender Sachbearbeiter Ebay AG 20.04.2016.zip
2016-04-17 20:08 - 2016-04-17 20:09 - 57034907 _____ C:\Users\Anja Könemann-Meyer\Downloads\Wasserwerk Nethen.zip
2016-04-16 09:05 - 2016-04-16 09:05 - 00000000 ____D C:\Users\Anja Könemann-Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-13 21:04 - 2016-04-13 21:04 - 00000000 ____D C:\searchplugins
2016-04-12 21:01 - 2016-04-13 21:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-09 18:48 - 2016-04-09 18:48 - 00000000 ____D C:\Users\Anja Könemann-Meyer\Documents\steuer
2016-04-09 18:42 - 2016-04-09 18:42 - 00000000 ____H C:\ProgramData\cm-lock
2016-04-02 17:20 - 2016-04-02 17:21 - 00000000 ____D C:\Users\Anja Könemann-Meyer\AppData\Local\Flixster
2016-04-02 17:20 - 2016-04-02 17:20 - 00000360 _____ C:\Users\Anja Könemann-Meyer\Desktop\Flixster Video.appref-ms
2016-04-02 17:20 - 2016-04-02 17:20 - 00000000 ____D C:\Users\Anja Könemann-Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flixster Video
2016-04-02 17:17 - 2016-04-02 17:21 - 00000000 ____D C:\Users\Anja Könemann-Meyer\AppData\Local\Deployment
2016-04-02 17:17 - 2016-04-02 17:17 - 00000000 ____D C:\Users\Anja Könemann-Meyer\AppData\Local\Apps\2.0
2016-04-02 17:16 - 2016-04-02 17:16 - 00499288 _____ () C:\Users\Anja Könemann-Meyer\Downloads\FlixsterSetup.exe
2016-04-01 22:13 - 2016-04-01 22:13 - 00001757 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-04-01 22:13 - 2016-04-01 22:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-04-01 22:12 - 2016-04-01 22:13 - 00000000 ____D C:\Program Files\iTunes
2016-04-01 22:12 - 2016-04-01 22:12 - 00000000 ____D C:\Program Files\iPod
2016-04-01 22:12 - 2016-04-01 22:12 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-03-28 15:31 - 2016-03-28 15:35 - 230913656 _____ C:\Users\Anja Könemann-Meyer\Downloads\WISOSteuersoftware2015Update229314.exe
2016-03-24 18:37 - 2016-03-24 18:39 - 124980336 _____ C:\Users\Anja Könemann-Meyer\Downloads\WISOSteuerSparbuch2016Update231404.exe
2016-03-24 18:32 - 2016-03-24 18:32 - 00002099 _____ C:\Users\Public\Desktop\WISO steuer Sparbuch 2016.lnk
2016-03-24 18:32 - 2016-03-24 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Sparbuch 2016

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-22 15:56 - 2009-07-14 06:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-22 15:56 - 2009-07-14 06:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-22 15:46 - 2015-06-20 12:35 - 00001280 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1580922863-27489201-3224137613-1001UA.job
2016-04-22 15:46 - 2015-06-20 12:35 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1580922863-27489201-3224137613-1001Core.job
2016-04-22 15:36 - 2012-04-01 18:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-22 15:12 - 2011-04-10 11:55 - 00699682 _____ C:\Windows\system32\perfh007.dat
2016-04-22 15:12 - 2011-04-10 11:55 - 00149790 _____ C:\Windows\system32\perfc007.dat
2016-04-22 15:12 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-22 15:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-04-22 15:10 - 2014-06-04 00:03 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-04-21 20:30 - 2011-06-25 18:53 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-16 09:05 - 2013-11-02 18:26 - 00000000 ____D C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox
2016-04-13 21:04 - 2014-12-04 21:10 - 00002278 _____ C:\Windows\wininit.ini
2016-04-13 21:04 - 2012-04-28 20:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-11 21:17 - 2011-06-26 00:09 - 00000000 ____D C:\Users\Public\Documents\Thomas
2016-04-09 18:45 - 2011-06-25 18:38 - 00000000 ____D C:\ProgramData\clear.fi
2016-04-09 18:40 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-09 10:36 - 2012-04-01 18:43 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-09 10:36 - 2012-04-01 18:43 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-09 10:36 - 2011-06-25 21:55 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-01 22:33 - 2012-01-11 21:41 - 00000000 ____D C:\Program Files (x86)\WISO
2016-04-01 22:32 - 2010-12-10 21:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-01 22:12 - 2011-06-25 21:50 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-03-28 21:22 - 2015-04-05 00:48 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-28 21:22 - 2015-04-05 00:48 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-28 15:40 - 2012-01-11 21:44 - 00001023 _____ C:\Windows\wiso.ini
2016-03-26 13:17 - 2014-10-19 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-26 13:17 - 2014-10-19 16:32 - 00000000 ____D C:\Program Files (x86)\Java
2016-03-26 13:16 - 2015-09-06 18:43 - 00000000 ____D C:\Users\Anja Könemann-Meyer\.oracle_jre_usage
2016-03-26 13:15 - 2014-10-19 16:33 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-03-26 13:01 - 2016-02-13 20:35 - 00000000 ___HD C:\$WINDOWS.~BT
2016-03-26 11:05 - 2007-07-12 03:49 - 00000000 ____D C:\Windows\Panther
2016-03-24 18:32 - 2012-01-11 21:44 - 00000000 ____D C:\Users\Anja Könemann-Meyer\AppData\Local\Buhl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-03-11 08:32 - 2015-07-25 09:21 - 0000093 _____ () C:\Users\Anja Könemann-Meyer\AppData\Roaming\ARCompanion.log
2011-06-25 22:26 - 2011-07-06 20:36 - 0001298 _____ () C:\Users\Anja Könemann-Meyer\AppData\Roaming\WebThread.log
2011-07-23 21:10 - 2015-07-24 16:59 - 0028672 _____ () C:\Users\Anja Könemann-Meyer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-06-25 22:31 - 2011-06-25 22:31 - 0000040 ___SH () C:\ProgramData\.zreglib
2011-04-10 02:31 - 2011-04-10 02:34 - 0016642 _____ () C:\ProgramData\ArcadeDeluxe5.log
2016-04-09 18:42 - 2016-04-09 18:42 - 0000000 ____H () C:\ProgramData\cm-lock
2010-12-10 21:09 - 2010-03-03 01:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Public\dcmsvcsetup.exe


Einige Dateien in TEMP:
====================
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\APNSetup.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\ARCompanionForSession1.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\avgnt.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbe2und.dll
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\FreemakeVideoConverterFull.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\i4jdel0.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\proxy_vole1981420142849376026.dll
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\Quarantine.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\sqlite3.dll
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\VideoConverter.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-09 19:25

==================== Ende von FRST.txt ============================
         

Addition.txt:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-04-2016
durchgeführt von Anja Könemann-Meyer (2016-04-22 15:59:24)
Gestartet von C:\Users\Anja Könemann-Meyer\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-06-25 16:27:55)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1580922863-27489201-3224137613-500 - Administrator - Disabled)
Anja Könemann-Meyer (S-1-5-21-1580922863-27489201-3224137613-1001 - Administrator - Enabled) => C:\Users\Anja Könemann-Meyer
Gast (S-1-5-21-1580922863-27489201-3224137613-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1580922863-27489201-3224137613-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.100 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1216 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1216 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3000 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.1206.2010 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.5.0 - SlySoft)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{E69F8CE0-7EA0-63A9-5A5B-D8FD9BDCC219}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
Backup Manager V3 (x32 Version: 3.0.0.100 - NTI Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version:  - )
Canon MP Navigator EX 4.1 (HKLM-x32\...\MP Navigator EX 4.1) (Version:  - )
Canon MX410 series Benutzerregistrierung (HKLM-x32\...\Canon MX410 series Benutzerregistrierung) (Version:  - )
Canon MX410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
ccc-core-static (x32 Version: 2010.1028.1114.18274 - Ihr Firmenname) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2631 - CDBurnerXP)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1223.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1223.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.7209 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3008 - Acer Incorporated)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
dcmsvc 1.0 (HKLM-x32\...\dcmsvc_is1) (Version:  - )
DDBAC (HKLM-x32\...\{8E1246B9-9F66-4303-BF11-212EC2672BBE}) (Version: 5.3.13 - DataDesign)
Dropbox (HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Flixster Video (HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\44adf2ca8644bf21) (Version: 2.6.1.520 - Flixster Video)
FLVPlayer4Free Free FLV Player 4.4.0.0 (HKLM-x32\...\FLVPlayer4Free Free FLV Player_is1) (Version:  - Sakysoft s.r.l. uninominale) <==== ACHTUNG
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Freemake Video Converter Version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 7.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.2.0 - )
Launch Manager (HKLM-x32\...\LManager) (Version: 5.0.3 - Acer Inc.)
MediaEspresso (x32 Version: 1.0.1210_33255 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 45.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyDriveConnect 4.0.7.2442 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom)
MyFreeCodec (HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\MyFreeCodec) (Version:  - )
MyWinLocker (Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.11 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8939 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.8939 - NTI Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6254 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30123 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shredder (Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Spotify (HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.0 - Synaptics Incorporated)
tiptoi® Manager 3.0.9 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.0.9 - Ravensburger AG)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.0.82.0 - Intel)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Web Companion (HKLM-x32\...\{4c71ec19-4e75-4091-847b-27b9e2344c32}) (Version: 2.3.1410.2697 - Lavasoft)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3007 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WISO steuer:Sparbuch 2016 (HKLM-x32\...\{15BDB724-27E9-45E7-AB81-3CE8FEA55DC8}) (Version: 23.00.1146 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2015 (HKLM-x32\...\{6BC63926-A57A-435E-8313-FFC56EE1397C}) (Version: 22.00.8811 - Buhl Data Service GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1580922863-27489201-3224137613-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1580922863-27489201-3224137613-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1580922863-27489201-3224137613-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1580922863-27489201-3224137613-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1580922863-27489201-3224137613-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1CA6B6B3-0C8D-4A70-97FE-D50349BB422B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1580922863-27489201-3224137613-1001UA => C:\Users\Anja Könemann-Meyer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {2F8998CF-EA88-404E-B8A4-61D4EA340DA8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {6BCCFA82-0011-4184-BA92-61F1EA0A27BD} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2010-12-23] (CyberLink)
Task: {6C26B7EF-1629-4198-8E9B-F9FD9B2D3BF6} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {A161B4DF-AAC1-4756-ADB4-AF9290142CE4} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1580922863-27489201-3224137613-1001Core => C:\Users\Anja Könemann-Meyer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {B836AFC1-C256-4A34-9D0C-154C35035464} - System32\Tasks\{2C4700D6-4465-4DD0-AD1A-07B516A1DD9B} => Firefox.exe hxxp://ui.skype.com/ui/0/4.1.0.179.367/de/abandoninstall?source=lightinstaller&amp;page=tsOptions&amp;installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded
Task: {B912FFA5-FD27-4B21-A10E-FDF0814359DD} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2010-12-23] (CyberLink Corp.)
Task: {D5A6150C-F8C5-4CF2-8C90-79F2398A6A5D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {DA674130-A242-4AEC-9E98-4EB3B9110833} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-09] (Adobe Systems Incorporated)
Task: {DD63681E-B883-46A9-8389-8BB06FCFB109} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2010-12-23] (Acer Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1580922863-27489201-3224137613-1001Core.job => C:\Users\Anja Könemann-Meyer\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1580922863-27489201-3224137613-1001UA.job => C:\Users\Anja Könemann-Meyer\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Anja Könemann-Meyer\Desktop\Acer-Programme\Acer Zubehör Shop.lnk -> C:\Program Files\Acer Accessory Store\StartURL.exe () -> hxxp://store.acer-euro.com/de?utm_source=Icon&utm_medium=Icon&utm_campaign=Acer%2BInternal

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2009-01-22 02:45 - 2009-01-22 02:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-11-23 21:56 - 2015-12-23 17:31 - 00073216 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2016-03-29 08:19 - 2016-04-13 21:03 - 00017168 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
2016-03-29 08:19 - 2016-04-13 21:03 - 00008976 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.Service.Logger.dll
2016-03-29 08:19 - 2016-04-13 21:03 - 00028944 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WcfService.dll
2015-07-18 21:01 - 2016-04-13 21:03 - 00121104 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
2012-01-05 15:22 - 2012-01-05 15:22 - 00465344 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-01-05 15:22 - 2012-01-05 15:22 - 01081368 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-01-05 15:22 - 2012-01-05 15:22 - 00125464 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2016-02-12 20:12 - 2016-02-12 20:12 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\517f6ac3a3d9fbdb4380859f99108c77\IsdiInterop.ni.dll
2010-12-10 21:00 - 2010-09-14 04:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7668 mehr Seiten.

IE trusted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\olb.de -> hxxps://www.olb.de
IE trusted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7688 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2014-06-02 22:01 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1580922863-27489201-3224137613-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Anja Könemann-Meyer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupreg: AnyDVD => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ArcadeMovieService => "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: dcmsvc => C:\Program Files (x86)\dcmsvc\dcmsvc.exe
MSCONFIG\startupreg: EgisTecPMMUpdate => "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
MSCONFIG\startupreg: EgisUpdate => "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesHelper => C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
MSCONFIG\startupreg: KiesPDLR => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SuiteTray => "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{A165E41E-F7FA-4CE2-9AFB-EB4621E21CB1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe
FirewallRules: [{3222B8AC-C31E-45FE-9C43-541675C2A2C0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
FirewallRules: [{9626BAF0-1FA5-427A-A5C6-74C212C11106}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{46549643-5BF4-49B3-946A-5A5241B0925C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
FirewallRules: [{A72C855D-F1B4-4B78-A2B6-C0958C990A30}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
FirewallRules: [{B188C7B6-8C65-44C9-8D47-C64205035063}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
FirewallRules: [{D087F000-0464-44E5-9B35-ADD0A5EB45C9}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{CEA14A39-C4D2-413A-9516-558395B825E5}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{CD953CF2-724E-418B-A627-3F243EC6FF7A}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{F46F201B-08BC-4EB8-A13E-DA22AB132953}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{EFE816C5-EB58-4EBB-8C8E-F50D9DB7C0E2}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{5F0F17AA-7AF5-40EC-AA23-D41FA3B1DE19}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{5D5AE86D-2C25-4DFA-9F31-E3E7573AFF37}] => (Allow) C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7F4C9309-93C7-46B7-9FB9-008CFCCE24FF}] => (Allow) C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{FBB03CDC-9D58-4767-8571-85B934FCFDA7}C:\users\anja könemann-meyer\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\anja könemann-meyer\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{4F1F952B-EB70-4149-B894-2165D90C737E}C:\users\anja könemann-meyer\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\anja könemann-meyer\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{F55D983C-44E7-43F6-9DD5-2778E5225425}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{62975EC7-343F-464E-802E-8555FF84E329}] => (Allow) LPort=2869
FirewallRules: [{A88B5061-51ED-46CF-AF8E-B86CBC7878E0}] => (Allow) LPort=1900
FirewallRules: [{D5883ADB-FF37-45A1-B335-0335AD407F5A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{24A294D6-0B71-4AE3-9A65-1B49B6110FAC}C:\users\anja könemann-meyer\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\anja könemann-meyer\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{0CE229F7-F6E1-429C-B5FD-C8EF7D85F9CC}C:\users\anja könemann-meyer\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\anja könemann-meyer\appdata\roaming\spotify\spotify.exe
FirewallRules: [{484D613C-65CC-4138-831C-A57D4E103F90}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{68621B12-D3A6-4533-953E-3E643A07D2CC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4359A621-DE18-4175-BDC4-3DED32464AFE}C:\program files (x86)\flixster\flixster.exe] => (Allow) C:\program files (x86)\flixster\flixster.exe
FirewallRules: [UDP Query User{AD6FED63-8D4C-4C58-9E74-AC5142C87870}C:\program files (x86)\flixster\flixster.exe] => (Allow) C:\program files (x86)\flixster\flixster.exe
FirewallRules: [TCP Query User{A1B455D0-412A-466A-8FB5-0EAD40875204}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{BAF34F66-9BA7-45CB-9097-1E78E2F096FE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{824B43AE-C16D-41CD-BB98-95EBF23A7287}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [UDP Query User{F8DF44DA-D7A5-4CFA-ADE3-934C8CCC93D9}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [TCP Query User{7760DC40-13A8-41A9-A1D1-B28D9E5B76C0}C:\users\anja könemann-meyer\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe] => (Allow) C:\users\anja könemann-meyer\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe
FirewallRules: [UDP Query User{46ED3C86-9C71-4375-941F-57B004728213}C:\users\anja könemann-meyer\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe] => (Allow) C:\users\anja könemann-meyer\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe
FirewallRules: [TCP Query User{9D15693C-01E1-494E-A3BA-AD70A55B2D5F}C:\program files (x86)\flixster\flixster.exe] => (Allow) C:\program files (x86)\flixster\flixster.exe
FirewallRules: [UDP Query User{AD93A342-07D8-4461-9AC4-6C08E1E7F3A7}C:\program files (x86)\flixster\flixster.exe] => (Allow) C:\program files (x86)\flixster\flixster.exe
FirewallRules: [{C5374B3D-DA36-4443-A327-F71D903C7F69}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{45670796-91CF-4AC9-93BE-950D8A6C8F2B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8B7AA4F7-AAA2-4DF5-923C-49F86E856093}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1D658620-567C-4D63-8DE1-AAD826E41AEC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E0BC69A4-9905-4FFD-85B6-1DA21BF6B81A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FE85EA94-E2A8-43C2-957B-04D6EB1B11D6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{68510114-640A-4DF6-83EB-2D397B1210A0}] => (Allow) C:\Program Files\iTunes\iTunes.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Disabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFWSvc.exe] => Enabled:Spybot-S&D 2 Firewall service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDMonSvc.exe] => Enabled:Spybot-S&D 2 On-Access monitor service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSODSvc.exe] => Enabled:Spybot-S&D 2 Scan On Demand service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

28-03-2016 21:21:50 Windows Update
01-04-2016 21:55:47 Windows Update
01-04-2016 22:26:55 Entfernt WISO Steuer-Sparbuch 2013
01-04-2016 22:31:52 Entfernt WISO Steuer-Sparbuch 2014
09-04-2016 18:55:27 Windows Update
20-04-2016 07:46:40 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/18/2016 04:22:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2090

Error: (04/18/2016 04:22:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2090

Error: (04/18/2016 04:22:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/18/2016 04:22:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1092

Error: (04/18/2016 04:22:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1092

Error: (04/18/2016 04:22:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/16/2016 10:04:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2106

Error: (04/16/2016 10:04:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2106

Error: (04/16/2016 10:04:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/16/2016 10:04:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1076


Systemfehler:
=============
Error: (04/22/2016 02:04:13 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.217.1755.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.9.0218.00

	Quellpfad: 4.9.0218.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (04/22/2016 02:04:13 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.217.1755.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.9.0218.00

	Quellpfad: 4.9.0218.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (04/22/2016 02:03:28 PM) (Source: Microsoft Antimalware) (EventID: 1119) (User: )
Description: Beim Anwenden von Aktionen auf Schadsoftware und potenziell unerwünschte Software wurde von %Trojan:Win32/Matsnu.Q60 ein schwerwiegender Fehler festgestellt.

Weitere Informationen finden Sie hier:
%Trojan:Win32/Matsnu.Q603

	Name: Trojan:Win32/Matsnu.Q

	ID: 2147710718

	Schweregrad: %Trojan:Win32/Matsnu.Q600

	Kategorie: %Trojan:Win32/Matsnu.Q602

	Pfad: 4.9.0218.02

	Ursprung der Erkennung: 4.9.0218.04

	Typ der Erkennung: 4.9.0218.08

	Quelle der Erkennung: %Trojan:Win32/Matsnu.Q608

	Benutzer: {212197CD-D503-45F5-8411-5E051578BA74}9

	Prozessname: %Trojan:Win32/Matsnu.Q609

	Aktion: {212197CD-D503-45F5-8411-5E051578BA74}1

	Aktionsstatus:  {212197CD-D503-45F5-8411-5E051578BA74}8

	Fehlercode: {212197CD-D503-45F5-8411-5E051578BA74}3

	Fehlerbeschreibung: {212197CD-D503-45F5-8411-5E051578BA74}4

	Signaturversion: 2016-04-22T12:02:59.706Z1

	Modulversion: 2016-04-22T12:02:59.706Z2


CodeIntegrity:
===================================
  Date: 2015-07-18 16:26:54.625
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-18 16:26:54.515
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-18 16:21:33.076
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-18 16:21:32.980
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-18 16:21:16.813
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-18 16:21:16.718
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-18 16:21:00.083
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-18 16:20:59.988
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-18 16:20:07.642
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-18 16:20:07.536
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 59%
Installierter physikalischer RAM: 6125.86 MB
Verfügbarer physikalischer RAM: 2460.25 MB
Summe virtueller Speicher: 12249.93 MB
Verfügbarer virtueller Speicher: 9027.32 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:683.54 GB) (Free:116.24 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 4D7F0FA2)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=683.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         



-inhalt-papierkorb.jpg

Geändert von A-und-T (22.04.2016 um 15:27 Uhr)

Alt 22.04.2016, 17:10   #2
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt - Standard

WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt





Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.


Los geht's:

Schritt 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________

Alt 22.04.2016, 17:23   #3
A-und-T
 
WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt - Standard

WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt



Hallo Jürgen,

vielen Dank im Voraus für Deine Unterstützung und Deine schnelle Antwort.
Der TDDSKiller ist schon durchgelaufen - leider mit zwei Befunden (siehe nachstehende LOG-Datei) - Doof... :

Herzliche Grüße

Thomas


Code:
ATTFilter
18:25:38.0237 0x2518  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
18:25:40.0617 0x2518  ============================================================
18:25:40.0617 0x2518  Current date / time: 2016/04/22 18:25:40.0617
18:25:40.0617 0x2518  SystemInfo:
18:25:40.0617 0x2518  
18:25:40.0617 0x2518  OS Version: 6.1.7601 ServicePack: 1.0
18:25:40.0617 0x2518  Product type: Workstation
18:25:40.0617 0x2518  ComputerName: ANJAKÖNEMANN
18:25:40.0618 0x2518  UserName: Anja Könemann-Meyer
18:25:40.0618 0x2518  Windows directory: C:\Windows
18:25:40.0618 0x2518  System windows directory: C:\Windows
18:25:40.0618 0x2518  Running under WOW64
18:25:40.0618 0x2518  Processor architecture: Intel x64
18:25:40.0618 0x2518  Number of processors: 4
18:25:40.0618 0x2518  Page size: 0x1000
18:25:40.0618 0x2518  Boot type: Normal boot
18:25:40.0618 0x2518  ============================================================
18:25:40.0726 0x2518  KLMD registered as C:\Windows\system32\drivers\33704797.sys
18:25:41.0666 0x2518  System UUID: {CBE1F9E8-A01A-BD5E-5D46-27C9C1940AAB}
18:25:42.0191 0x2518  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:25:42.0195 0x2518  ============================================================
18:25:42.0195 0x2518  \Device\Harddisk0\DR0:
18:25:42.0195 0x2518  MBR partitions:
18:25:42.0195 0x2518  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
18:25:42.0195 0x2518  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x55713000
18:25:42.0195 0x2518  ============================================================
18:25:42.0224 0x2518  C: <-> \Device\Harddisk0\DR0\Partition2
18:25:42.0224 0x2518  ============================================================
18:25:42.0224 0x2518  Initialize success
18:25:42.0224 0x2518  ============================================================
18:26:13.0221 0x194c  ============================================================
18:26:13.0237 0x194c  Scan started
18:26:13.0237 0x194c  Mode: Manual; SigCheck; TDLFS; 
18:26:13.0237 0x194c  ============================================================
18:26:13.0237 0x194c  KSN ping started
18:26:15.0639 0x194c  KSN ping finished: true
18:26:16.0388 0x194c  ================ Scan system memory ========================
18:26:16.0388 0x194c  System memory - ok
18:26:16.0388 0x194c  ================ Scan services =============================
18:26:16.0653 0x194c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:26:16.0762 0x194c  1394ohci - ok
18:26:16.0809 0x194c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:26:16.0825 0x194c  ACPI - ok
18:26:16.0887 0x194c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:26:16.0981 0x194c  AcpiPmi - ok
18:26:17.0152 0x194c  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:26:17.0152 0x194c  AdobeARMservice - ok
18:26:17.0262 0x194c  [ 28FFB14117CCEDD7D2F124596AA9B785, 8FC482C6444C904B5536979B3354597FD714634EC7372B464118C42AA9DCB58A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:26:17.0277 0x194c  AdobeFlashPlayerUpdateSvc - ok
18:26:17.0324 0x194c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:26:17.0340 0x194c  adp94xx - ok
18:26:17.0371 0x194c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:26:17.0386 0x194c  adpahci - ok
18:26:17.0418 0x194c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:26:17.0433 0x194c  adpu320 - ok
18:26:17.0480 0x194c  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:26:17.0527 0x194c  AeLookupSvc - ok
18:26:17.0620 0x194c  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
18:26:17.0683 0x194c  AFD - ok
18:26:17.0730 0x194c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
18:26:17.0745 0x194c  agp440 - ok
18:26:17.0776 0x194c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
18:26:17.0792 0x194c  ALG - ok
18:26:17.0839 0x194c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:26:17.0854 0x194c  aliide - ok
18:26:17.0886 0x194c  [ 9CB927E76D3F65A02741A4D9A690178C, F94A931B3C8E94B54ED8D9F341D4DD5E21B27D681B3E418AC775684BF30C54DC ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:26:17.0948 0x194c  AMD External Events Utility - ok
18:26:18.0010 0x194c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
18:26:18.0026 0x194c  amdide - ok
18:26:18.0057 0x194c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:26:18.0088 0x194c  AmdK8 - ok
18:26:18.0338 0x194c  [ B8660FB5431F136635FB6446AC67FAAE, 08D2C124530169579BF2BE7E6975AED57683A00FAC1945897AFC6822F7D51D2D ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
18:26:18.0510 0x194c  amdkmdag - ok
18:26:18.0619 0x194c  [ 5FC9D833F726383D9D60205F5A3CF16B, 0A5A4A63FF2224E5CF72C7C7DA82C2FD4B2BEE5EED5C5F63D25370F5560105EE ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
18:26:18.0666 0x194c  amdkmdap - ok
18:26:18.0712 0x194c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:26:18.0744 0x194c  AmdPPM - ok
18:26:18.0790 0x194c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:26:18.0806 0x194c  amdsata - ok
18:26:18.0837 0x194c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:26:18.0837 0x194c  amdsbs - ok
18:26:18.0853 0x194c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:26:18.0868 0x194c  amdxata - ok
18:26:18.0915 0x194c  [ 4887E13C3154816A9503E34FC05F2804, CA05D85C3B63EEB2836D50FF99CDA70DC56D7F67B4296EC50A7D250BBA2F57C4 ] AnyDVD          C:\Windows\system32\Drivers\AnyDVD.sys
18:26:18.0931 0x194c  AnyDVD - ok
18:26:19.0009 0x194c  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
18:26:19.0056 0x194c  AppID - ok
18:26:19.0071 0x194c  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:26:19.0102 0x194c  AppIDSvc - ok
18:26:19.0149 0x194c  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
18:26:19.0180 0x194c  Appinfo - ok
18:26:19.0336 0x194c  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:26:19.0368 0x194c  Apple Mobile Device Service - ok
18:26:19.0430 0x194c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:26:19.0461 0x194c  arc - ok
18:26:19.0477 0x194c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:26:19.0492 0x194c  arcsas - ok
18:26:19.0633 0x194c  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:26:19.0664 0x194c  aspnet_state - ok
18:26:19.0695 0x194c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:26:19.0804 0x194c  AsyncMac - ok
18:26:19.0882 0x194c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:26:19.0898 0x194c  atapi - ok
18:26:20.0023 0x194c  [ E642491F64E58CD5BC8FB8B347DCF65F, D457175EF3A0552CEA3DA78E7116D54BC2BF157857A8B764597B51FB4E29C033 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
18:26:20.0085 0x194c  athr - ok
18:26:20.0116 0x194c  [ 2D648572BA9A610952FCAFBA1E119C2D, 4CD7E7D3C878DEF8CC18A925EAB1E0E8E8893BE99DA1E1F78FE9AD12EF1C48BC ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
18:26:20.0116 0x194c  AtiHdmiService - ok
18:26:20.0226 0x194c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:26:20.0319 0x194c  AudioEndpointBuilder - ok
18:26:20.0335 0x194c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:26:20.0366 0x194c  AudioSrv - ok
18:26:20.0444 0x194c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:26:20.0553 0x194c  AxInstSV - ok
18:26:20.0647 0x194c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
18:26:20.0725 0x194c  b06bdrv - ok
18:26:20.0756 0x194c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:26:20.0803 0x194c  b57nd60a - ok
18:26:20.0834 0x194c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:26:20.0912 0x194c  BDESVC - ok
18:26:20.0943 0x194c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:26:21.0021 0x194c  Beep - ok
18:26:21.0130 0x194c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
18:26:21.0208 0x194c  BFE - ok
18:26:21.0302 0x194c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
18:26:21.0442 0x194c  BITS - ok
18:26:21.0489 0x194c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:26:21.0536 0x194c  blbdrive - ok
18:26:21.0614 0x194c  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:26:21.0645 0x194c  Bonjour Service - ok
18:26:21.0676 0x194c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:26:21.0708 0x194c  bowser - ok
18:26:21.0739 0x194c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:26:21.0770 0x194c  BrFiltLo - ok
18:26:21.0786 0x194c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:26:21.0801 0x194c  BrFiltUp - ok
18:26:21.0848 0x194c  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
18:26:21.0879 0x194c  BridgeMP - ok
18:26:21.0926 0x194c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
18:26:21.0973 0x194c  Browser - ok
18:26:22.0004 0x194c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:26:22.0051 0x194c  Brserid - ok
18:26:22.0082 0x194c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:26:22.0113 0x194c  BrSerWdm - ok
18:26:22.0144 0x194c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:26:22.0176 0x194c  BrUsbMdm - ok
18:26:22.0191 0x194c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:26:22.0207 0x194c  BrUsbSer - ok
18:26:22.0222 0x194c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:26:22.0238 0x194c  BTHMODEM - ok
18:26:22.0269 0x194c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
18:26:22.0316 0x194c  bthserv - ok
18:26:22.0347 0x194c  catchme - ok
18:26:22.0378 0x194c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:26:22.0441 0x194c  cdfs - ok
18:26:22.0519 0x194c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:26:22.0550 0x194c  cdrom - ok
18:26:22.0612 0x194c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:26:22.0644 0x194c  CertPropSvc - ok
18:26:22.0690 0x194c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:26:22.0737 0x194c  circlass - ok
18:26:22.0784 0x194c  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
18:26:22.0800 0x194c  CLFS - ok
18:26:22.0909 0x194c  [ 7AD6AD732247CC3D7A943465748C0D47, 5A1DD728077DE2B5FAFD0B3F51DF38E256C153A20F9CF571F2BB387507AD2088 ] CLKMSVC10_34E30CCC C:\Program Files (x86)\Acer\clear.fi\Movie\NavFilter\kmsvc.exe
18:26:22.0924 0x194c  CLKMSVC10_34E30CCC - ok
18:26:22.0987 0x194c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:26:23.0002 0x194c  clr_optimization_v2.0.50727_32 - ok
18:26:23.0034 0x194c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:26:23.0049 0x194c  clr_optimization_v2.0.50727_64 - ok
18:26:23.0143 0x194c  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:26:23.0158 0x194c  clr_optimization_v4.0.30319_32 - ok
18:26:23.0174 0x194c  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:26:23.0190 0x194c  clr_optimization_v4.0.30319_64 - ok
18:26:23.0236 0x194c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:26:23.0283 0x194c  CmBatt - ok
18:26:23.0314 0x194c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:26:23.0346 0x194c  cmdide - ok
18:26:23.0455 0x194c  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG             C:\Windows\system32\Drivers\cng.sys
18:26:23.0486 0x194c  CNG - ok
18:26:23.0658 0x194c  [ 360959BBD4F451E1AB811F4304232766, 7BAA78590F2F656DC8D8C31EEDB7ED17B55C5EB3218A60A0EB90AFA323C01BCA ] CodeMeter.exe   C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
18:26:23.0720 0x194c  CodeMeter.exe - ok
18:26:23.0767 0x194c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:26:23.0767 0x194c  Compbatt - ok
18:26:23.0829 0x194c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:26:23.0892 0x194c  CompositeBus - ok
18:26:23.0923 0x194c  COMSysApp - ok
18:26:23.0938 0x194c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:26:23.0954 0x194c  crcdisk - ok
18:26:24.0016 0x194c  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:26:24.0079 0x194c  CryptSvc - ok
18:26:24.0172 0x194c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:26:24.0251 0x194c  DcomLaunch - ok
18:26:24.0329 0x194c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
18:26:24.0391 0x194c  defragsvc - ok
18:26:24.0438 0x194c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:26:24.0485 0x194c  DfsC - ok
18:26:24.0563 0x194c  [ E428DFFA96FAD07D8CA3C9082563A225, F3D2E94A9FF2CF68CC99A8B42B8DEA5E57D46000D1845DC0908224493480C79F ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
18:26:24.0578 0x194c  dg_ssudbus - ok
18:26:24.0641 0x194c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:26:24.0703 0x194c  Dhcp - ok
18:26:24.0812 0x194c  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
18:26:24.0890 0x194c  DiagTrack - ok
18:26:24.0906 0x194c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
18:26:24.0953 0x194c  discache - ok
18:26:24.0999 0x194c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:26:25.0031 0x194c  Disk - ok
18:26:25.0046 0x194c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:26:25.0077 0x194c  Dnscache - ok
18:26:25.0124 0x194c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:26:25.0171 0x194c  dot3svc - ok
18:26:25.0187 0x194c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
18:26:25.0233 0x194c  DPS - ok
18:26:25.0311 0x194c  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:26:25.0358 0x194c  drmkaud - ok
18:26:25.0405 0x194c  [ 470F7F19188AB45463F8B612D6DDE7C8, 4D25C534B2458CBC810C751F3FD7CE7ACE9E17CCD1415FB70D88A5BC4794EA09 ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
18:26:25.0421 0x194c  DsiWMIService - ok
18:26:25.0530 0x194c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:26:25.0561 0x194c  DXGKrnl - ok
18:26:25.0608 0x194c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
18:26:25.0655 0x194c  EapHost - ok
18:26:25.0795 0x194c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
18:26:25.0904 0x194c  ebdrv - ok
18:26:25.0951 0x194c  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] EFS             C:\Windows\System32\lsass.exe
18:26:26.0029 0x194c  EFS - ok
18:26:26.0123 0x194c  [ 03E6888DA1A85ACF14AC2A3C328A9E62, 120A7A10F6DAC991B91BFEC5430FD9F929E173AB513891B229F19A9BA4EC3998 ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
18:26:26.0154 0x194c  EgisTec Ticket Service - ok
18:26:26.0279 0x194c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:26:26.0341 0x194c  ehRecvr - ok
18:26:26.0403 0x194c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
18:26:26.0450 0x194c  ehSched - ok
18:26:26.0466 0x194c  [ BDD265EEB37DF5953A547FE412E2472F, 17EB4FD54D62207937F8CA7454837DBF1EEC867AEDAF201FC2E839A3ED357F4F ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
18:26:26.0481 0x194c  ElbyCDIO - ok
18:26:26.0528 0x194c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
18:26:26.0559 0x194c  elxstor - ok
18:26:26.0606 0x194c  [ 8E12D885D17EC5FA4F52D2C6E953E285, A39F9FF88A6401030FCDE47E4504A297FB590751C74627181EC42F1E298CED8E ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
18:26:26.0637 0x194c  ePowerSvc - ok
18:26:26.0700 0x194c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:26:26.0715 0x194c  ErrDev - ok
18:26:26.0762 0x194c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
18:26:26.0809 0x194c  EventSystem - ok
18:26:26.0871 0x194c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
18:26:26.0949 0x194c  exfat - ok
18:26:26.0981 0x194c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:26:27.0027 0x194c  fastfat - ok
18:26:27.0137 0x194c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
18:26:27.0215 0x194c  Fax - ok
18:26:27.0261 0x194c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:26:27.0324 0x194c  fdc - ok
18:26:27.0371 0x194c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
18:26:27.0464 0x194c  fdPHost - ok
18:26:27.0480 0x194c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:26:27.0542 0x194c  FDResPub - ok
18:26:27.0589 0x194c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:26:27.0589 0x194c  FileInfo - ok
18:26:27.0589 0x194c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:26:27.0651 0x194c  Filetrace - ok
18:26:27.0714 0x194c  [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:26:27.0729 0x194c  FLEXnet Licensing Service - ok
18:26:27.0776 0x194c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:26:27.0839 0x194c  flpydisk - ok
18:26:27.0901 0x194c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:26:27.0932 0x194c  FltMgr - ok
18:26:28.0041 0x194c  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
18:26:28.0135 0x194c  FontCache - ok
18:26:28.0213 0x194c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:26:28.0229 0x194c  FontCache3.0.0.0 - ok
18:26:28.0385 0x194c  [ 75F3D3CA2B3C4A93CC6042EC9B9B7C2A, B6D85420F1ADF027972BC78EAEA5E4F2F6D259E19E714B0B4DADF34BAC4C92E6 ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
18:26:28.0431 0x194c  Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 )
18:26:30.0959 0x194c  Freemake Improver ( UnsignedFile.Multi.Generic ) - warning
18:26:33.0486 0x194c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:26:33.0486 0x194c  FsDepends - ok
18:26:33.0517 0x194c  [ 8DE1B4F579F8F8897409856F3BB7A7D2, F6F6B2450951E875C3C236F7798F960FD4433EE6B0C57132CB3D32126BEE34E0 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
18:26:33.0533 0x194c  fssfltr - ok
18:26:33.0657 0x194c  [ 7B4C82899A967A7EB22DAB502770AE8E, 209FB59669070FCAAACB24B0CE81C375362BF1C519B15FDB5AA3EC2C87E2069B ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
18:26:33.0689 0x194c  fsssvc - ok
18:26:33.0735 0x194c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:26:33.0751 0x194c  Fs_Rec - ok
18:26:33.0798 0x194c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:26:33.0813 0x194c  fvevol - ok
18:26:33.0860 0x194c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:26:33.0860 0x194c  gagp30kx - ok
18:26:33.0907 0x194c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:26:33.0938 0x194c  GEARAspiWDM - ok
18:26:34.0001 0x194c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:26:34.0079 0x194c  gpsvc - ok
18:26:34.0141 0x194c  [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService     C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
18:26:34.0172 0x194c  GREGService - ok
18:26:34.0203 0x194c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:26:34.0266 0x194c  hcw85cir - ok
18:26:34.0328 0x194c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:26:34.0375 0x194c  HdAudAddService - ok
18:26:34.0406 0x194c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:26:34.0437 0x194c  HDAudBus - ok
18:26:34.0469 0x194c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
18:26:34.0500 0x194c  HidBatt - ok
18:26:34.0515 0x194c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:26:34.0562 0x194c  HidBth - ok
18:26:34.0593 0x194c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:26:34.0625 0x194c  HidIr - ok
18:26:34.0656 0x194c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
18:26:34.0687 0x194c  hidserv - ok
18:26:34.0749 0x194c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:26:34.0796 0x194c  HidUsb - ok
18:26:34.0843 0x194c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:26:34.0890 0x194c  hkmsvc - ok
18:26:34.0921 0x194c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:26:34.0983 0x194c  HomeGroupListener - ok
18:26:35.0030 0x194c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:26:35.0061 0x194c  HomeGroupProvider - ok
18:26:35.0155 0x194c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:26:35.0171 0x194c  HpSAMD - ok
18:26:35.0264 0x194c  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:26:35.0327 0x194c  HTTP - ok
18:26:35.0373 0x194c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:26:35.0405 0x194c  hwpolicy - ok
18:26:35.0467 0x194c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:26:35.0483 0x194c  i8042prt - ok
18:26:35.0529 0x194c  [ F7CE9BE72EDAC499B713ECA6DAE5D26F, AF158C8ADF0815C406435AB051C8D8DD0ECBDBA8644CB75D7611980D70662193 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
18:26:35.0561 0x194c  iaStor - ok
18:26:35.0623 0x194c  [ B25F192EA1F84A316EB7C19EFCCCF33D, 00BACE87CCA40722FF3AD7243439201CDCC23D0BA01E25F928BF63DA12816F8F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:26:35.0639 0x194c  IAStorDataMgrSvc - ok
18:26:35.0670 0x194c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:26:35.0685 0x194c  iaStorV - ok
18:26:35.0779 0x194c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:26:35.0795 0x194c  idsvc - ok
18:26:35.0841 0x194c  IEEtwCollectorService - ok
18:26:35.0873 0x194c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:26:35.0873 0x194c  iirsp - ok
18:26:35.0982 0x194c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
18:26:36.0013 0x194c  IKEEXT - ok
18:26:36.0153 0x194c  [ F4C031439501F6C1D336A36D7CB58F4F, DAFE481F0AA5242E75A681706DA7D97D68E6A89FB31F3A298945CF7EA5DE4184 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:26:36.0216 0x194c  IntcAzAudAddService - ok
18:26:36.0263 0x194c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:26:36.0278 0x194c  intelide - ok
18:26:36.0309 0x194c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:26:36.0341 0x194c  intelppm - ok
18:26:36.0372 0x194c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:26:36.0419 0x194c  IPBusEnum - ok
18:26:36.0465 0x194c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:26:36.0528 0x194c  IpFilterDriver - ok
18:26:36.0590 0x194c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:26:36.0653 0x194c  iphlpsvc - ok
18:26:36.0699 0x194c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:26:36.0762 0x194c  IPMIDRV - ok
18:26:36.0793 0x194c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:26:36.0871 0x194c  IPNAT - ok
18:26:36.0980 0x194c  [ F96B9EDC032E61EB87652896E92ED526, F9E3CD2FA2D963C56034A4F606869467FDC6647B916CF457249270E6C337A8A5 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:26:37.0011 0x194c  iPod Service - ok
18:26:37.0027 0x194c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:26:37.0105 0x194c  IRENUM - ok
18:26:37.0121 0x194c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:26:37.0136 0x194c  isapnp - ok
18:26:37.0199 0x194c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:26:37.0230 0x194c  iScsiPrt - ok
18:26:37.0245 0x194c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
18:26:37.0261 0x194c  kbdclass - ok
18:26:37.0308 0x194c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
18:26:37.0323 0x194c  kbdhid - ok
18:26:37.0339 0x194c  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] KeyIso          C:\Windows\system32\lsass.exe
18:26:37.0355 0x194c  KeyIso - ok
18:26:37.0401 0x194c  [ 211A379BAAB812A7B437319BD85B2435, 4C8B82817B735BEFC0C8E2A42C7EF547D1C179561D3C97B3067B5EA3408F9E4D ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:26:37.0417 0x194c  KSecDD - ok
18:26:37.0433 0x194c  [ CC1B3B52F33CBC1CE60867DA4E23537C, A373DBCE6A53B77F59D9C83E243E5C1A2B4C38571CA28198229730D612561978 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:26:37.0448 0x194c  KSecPkg - ok
18:26:37.0464 0x194c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:26:37.0495 0x194c  ksthunk - ok
18:26:37.0526 0x194c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:26:37.0589 0x194c  KtmRm - ok
18:26:37.0620 0x194c  [ 0E154DA6CA9105354A07D0C576804037, 10A7F6E2A031C2D96B362411DCA2C347E7D7B6ADED9021674E0E633AB9F45D7B ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
18:26:37.0635 0x194c  L1C - ok
18:26:37.0698 0x194c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
18:26:37.0791 0x194c  LanmanServer - ok
18:26:37.0838 0x194c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:26:37.0916 0x194c  LanmanWorkstation - ok
18:26:38.0493 0x194c  [ 8FB6D64CB42E660C4534D38013D64A03, 11A6A914E8588DDFDE32D12A858BA8A31783B5DDB42C9E7FD0F237D57A437976 ] LavasoftTcpService C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
18:26:38.0571 0x194c  LavasoftTcpService - ok
18:26:38.0618 0x194c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:26:38.0712 0x194c  lltdio - ok
18:26:38.0759 0x194c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:26:38.0852 0x194c  lltdsvc - ok
18:26:38.0883 0x194c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:26:38.0930 0x194c  lmhosts - ok
18:26:39.0008 0x194c  [ 926EBA26A8B49D1597751CED06B50862, 886FC610E379BD77146ADDC376D77437D88B593C7F1C3FEE2B93D934A67310F8 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:26:39.0039 0x194c  LMS - ok
18:26:39.0071 0x194c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:26:39.0086 0x194c  LSI_FC - ok
18:26:39.0102 0x194c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:26:39.0102 0x194c  LSI_SAS - ok
18:26:39.0117 0x194c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:26:39.0133 0x194c  LSI_SAS2 - ok
18:26:39.0133 0x194c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:26:39.0149 0x194c  LSI_SCSI - ok
18:26:39.0180 0x194c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:26:39.0211 0x194c  luafv - ok
18:26:39.0258 0x194c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:26:39.0273 0x194c  Mcx2Svc - ok
18:26:39.0289 0x194c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:26:39.0305 0x194c  megasas - ok
18:26:39.0336 0x194c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:26:39.0351 0x194c  MegaSR - ok
18:26:39.0383 0x194c  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
18:26:39.0398 0x194c  MEIx64 - ok
18:26:39.0476 0x194c  Microsoft SharePoint Workspace Audit Service - ok
18:26:39.0539 0x194c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
18:26:39.0585 0x194c  MMCSS - ok
18:26:39.0617 0x194c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
18:26:39.0710 0x194c  Modem - ok
18:26:39.0757 0x194c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:26:39.0788 0x194c  monitor - ok
18:26:39.0866 0x194c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:26:39.0897 0x194c  mouclass - ok
18:26:39.0913 0x194c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:26:39.0960 0x194c  mouhid - ok
18:26:40.0022 0x194c  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:26:40.0053 0x194c  mountmgr - ok
18:26:40.0178 0x194c  [ 63282F5EB7E5BFB58FD1EC93C6ADB457, 25096C4AE319E854153C75DCEC0A67A63F6B05FDD0B49D4D373724B3BF55D665 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:26:40.0209 0x194c  MozillaMaintenance - ok
18:26:40.0319 0x194c  [ DA0FAEE45D6F03D7647851A20977A7D0, AFB1EA053CD4BCA903868896D020205D4C207C85314E6C56C4663922A3F9BD6A ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
18:26:40.0350 0x194c  MpFilter - ok
18:26:40.0365 0x194c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:26:40.0365 0x194c  mpio - ok
18:26:40.0397 0x194c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:26:40.0443 0x194c  mpsdrv - ok
18:26:40.0506 0x194c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:26:40.0553 0x194c  MpsSvc - ok
18:26:40.0615 0x194c  [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:26:40.0693 0x194c  MRxDAV - ok
18:26:40.0755 0x194c  [ 07F8F6B0CAEC7ADD30EBD94940A315D7, 288429A146B74E88D93C5BC19D878A42AC6F411EE31D9A6D36A2A2FFCF7B9436 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:26:40.0833 0x194c  mrxsmb - ok
18:26:40.0880 0x194c  [ 8856E45D23BFF4D977BF06D0543BCD96, 0066C061A3516A16C2477590859865E46E522A290CCE17C3EC1B69F81E466E9E ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:26:40.0927 0x194c  mrxsmb10 - ok
18:26:40.0989 0x194c  [ 8D383CED28332B5F3894658857472F47, CB3872543D08C6432CF884C11A5897637A6FC7E9AC40F424444BAAA49C9FC32A ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:26:41.0036 0x194c  mrxsmb20 - ok
18:26:41.0067 0x194c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:26:41.0099 0x194c  msahci - ok
18:26:41.0145 0x194c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:26:41.0177 0x194c  msdsm - ok
18:26:41.0192 0x194c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
18:26:41.0223 0x194c  MSDTC - ok
18:26:41.0270 0x194c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:26:41.0348 0x194c  Msfs - ok
18:26:41.0364 0x194c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:26:41.0395 0x194c  mshidkmdf - ok
18:26:41.0442 0x194c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:26:41.0473 0x194c  msisadrv - ok
18:26:41.0504 0x194c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:26:41.0582 0x194c  MSiSCSI - ok
18:26:41.0582 0x194c  msiserver - ok
18:26:41.0629 0x194c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:26:41.0660 0x194c  MSKSSRV - ok
18:26:41.0769 0x194c  [ C66FE30BBA4604A06EE9E4180ABE4BD9, 43E60C15C05FF19082142BB9D1F29D1B3269AD4A7FB32AF109AE63FE5A6AA0A9 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
18:26:41.0801 0x194c  MsMpSvc - ok
18:26:41.0847 0x194c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:26:41.0910 0x194c  MSPCLOCK - ok
18:26:41.0925 0x194c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:26:41.0988 0x194c  MSPQM - ok
18:26:42.0050 0x194c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:26:42.0081 0x194c  MsRPC - ok
18:26:42.0128 0x194c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:26:42.0159 0x194c  mssmbios - ok
18:26:42.0175 0x194c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:26:42.0222 0x194c  MSTEE - ok
18:26:42.0237 0x194c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:26:42.0269 0x194c  MTConfig - ok
18:26:42.0300 0x194c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
18:26:42.0315 0x194c  Mup - ok
18:26:42.0331 0x194c  [ 9B1EAC6FAF6F37305E822F5588DC8056, AE0DC044159BB03EE8A39AE0682C8F6A78D89AD5A6192E7006D75850ECD50E9D ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
18:26:42.0347 0x194c  mwlPSDFilter - ok
18:26:42.0362 0x194c  [ AD55C1524B296280ED9C6E0D730D35DA, 8E5F9652CFCB325E131CEB2E4871126EB6F940DF7894B2E7F8241F1EF69920ED ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
18:26:42.0362 0x194c  mwlPSDNServ - ok
18:26:42.0393 0x194c  [ 2B599E6EC8843637BDD62E7F8F3BA201, 51EE657FC6CA4F2BCC24573B27379231EF30920A559423A860A278C59F4B9F98 ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
18:26:42.0409 0x194c  mwlPSDVDisk - ok
18:26:42.0487 0x194c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
18:26:42.0581 0x194c  napagent - ok
18:26:42.0643 0x194c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:26:42.0705 0x194c  NativeWifiP - ok
18:26:42.0830 0x194c  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:26:42.0861 0x194c  NDIS - ok
18:26:42.0893 0x194c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:26:42.0971 0x194c  NdisCap - ok
18:26:43.0017 0x194c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:26:43.0033 0x194c  NdisTapi - ok
18:26:43.0095 0x194c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:26:43.0158 0x194c  Ndisuio - ok
18:26:43.0220 0x194c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:26:43.0298 0x194c  NdisWan - ok
18:26:43.0329 0x194c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:26:43.0392 0x194c  NDProxy - ok
18:26:43.0439 0x194c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:26:43.0532 0x194c  NetBIOS - ok
18:26:43.0610 0x194c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:26:43.0673 0x194c  NetBT - ok
18:26:43.0704 0x194c  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] Netlogon        C:\Windows\system32\lsass.exe
18:26:43.0704 0x194c  Netlogon - ok
18:26:43.0766 0x194c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
18:26:43.0813 0x194c  Netman - ok
18:26:43.0875 0x194c  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:26:43.0891 0x194c  NetMsmqActivator - ok
18:26:43.0907 0x194c  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:26:43.0907 0x194c  NetPipeActivator - ok
18:26:43.0985 0x194c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
18:26:44.0078 0x194c  netprofm - ok
18:26:44.0109 0x194c  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:26:44.0125 0x194c  NetTcpActivator - ok
18:26:44.0125 0x194c  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:26:44.0141 0x194c  NetTcpPortSharing - ok
18:26:44.0172 0x194c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:26:44.0187 0x194c  nfrd960 - ok
18:26:44.0250 0x194c  [ 6D79C8CB73187FBEAAD1F680FADF98D3, 0075B2CCC4FFF929023F95686D7BBE32C0FCE05DEB2159C0784AF85D64E1B66E ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
18:26:44.0281 0x194c  NisDrv - ok
18:26:44.0375 0x194c  [ B8F4F580638373FBF72F2B572446D294, A5CD9ABCA5CDC335D2C6FDCB81327B600150E45BB867B88859A00AF974B42F85 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
18:26:44.0406 0x194c  NisSrv - ok
18:26:44.0453 0x194c  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:26:44.0546 0x194c  NlaSvc - ok
18:26:44.0593 0x194c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:26:44.0640 0x194c  Npfs - ok
18:26:44.0671 0x194c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
18:26:44.0749 0x194c  nsi - ok
18:26:44.0796 0x194c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:26:44.0889 0x194c  nsiproxy - ok
18:26:44.0967 0x194c  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:26:45.0014 0x194c  Ntfs - ok
18:26:45.0108 0x194c  [ D27A4546417ED7C4AEA7B3420D4F1F50, 8D52FF7D2C6E338E2E8B414F0FE9ED296A901CB38BCFF8814B1ECE52D8D1599D ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
18:26:45.0123 0x194c  NTI IScheduleSvc - ok
18:26:45.0155 0x194c  [ EE3BA1024594D5D09E314F206B94069E, 34C8EC3DF1C3088D8A0442CAA4F5506665AFB2DF016709457ED2AB7DA45F53A6 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
18:26:45.0155 0x194c  NTIDrvr - ok
18:26:45.0170 0x194c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
18:26:45.0217 0x194c  Null - ok
18:26:45.0264 0x194c  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
18:26:45.0326 0x194c  nusb3hub - ok
18:26:45.0357 0x194c  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
18:26:45.0389 0x194c  nusb3xhc - ok
18:26:45.0435 0x194c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:26:45.0451 0x194c  nvraid - ok
18:26:45.0467 0x194c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:26:45.0498 0x194c  nvstor - ok
18:26:45.0529 0x194c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:26:45.0545 0x194c  nv_agp - ok
18:26:45.0591 0x194c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:26:45.0623 0x194c  ohci1394 - ok
18:26:45.0716 0x194c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:26:45.0747 0x194c  ose - ok
18:26:46.0013 0x194c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:26:46.0137 0x194c  osppsvc - ok
18:26:46.0200 0x194c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:26:46.0278 0x194c  p2pimsvc - ok
18:26:46.0309 0x194c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
18:26:46.0371 0x194c  p2psvc - ok
18:26:46.0418 0x194c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:26:46.0418 0x194c  Parport - ok
18:26:46.0481 0x194c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:26:46.0496 0x194c  partmgr - ok
18:26:46.0543 0x194c  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:26:46.0590 0x194c  PcaSvc - ok
18:26:46.0605 0x194c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
18:26:46.0621 0x194c  pci - ok
18:26:46.0652 0x194c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:26:46.0668 0x194c  pciide - ok
18:26:46.0683 0x194c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:26:46.0699 0x194c  pcmcia - ok
18:26:46.0715 0x194c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:26:46.0730 0x194c  pcw - ok
18:26:46.0808 0x194c  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:26:46.0855 0x194c  PEAUTH - ok
18:26:46.0933 0x194c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:26:46.0949 0x194c  PerfHost - ok
18:26:47.0073 0x194c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
18:26:47.0136 0x194c  pla - ok
18:26:47.0167 0x194c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:26:47.0198 0x194c  PlugPlay - ok
18:26:47.0229 0x194c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:26:47.0245 0x194c  PNRPAutoReg - ok
18:26:47.0261 0x194c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:26:47.0276 0x194c  PNRPsvc - ok
18:26:47.0307 0x194c  [ 4F0878FD62D5F7444C5F1C4C66D9D293, B381217D6202C06EE992EBDE061FA20376FF71F698022D0A80168CCD1059453C ] Point64         C:\Windows\system32\DRIVERS\point64.sys
18:26:47.0323 0x194c  Point64 - ok
18:26:47.0401 0x194c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:26:47.0463 0x194c  PolicyAgent - ok
18:26:47.0510 0x194c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
18:26:47.0557 0x194c  Power - ok
18:26:47.0619 0x194c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:26:47.0697 0x194c  PptpMiniport - ok
18:26:47.0729 0x194c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:26:47.0775 0x194c  Processor - ok
18:26:47.0807 0x194c  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:26:47.0885 0x194c  ProfSvc - ok
18:26:47.0885 0x194c  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:26:47.0916 0x194c  ProtectedStorage - ok
18:26:47.0978 0x194c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:26:48.0056 0x194c  Psched - ok
18:26:48.0165 0x194c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:26:48.0197 0x194c  ql2300 - ok
18:26:48.0259 0x194c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:26:48.0290 0x194c  ql40xx - ok
18:26:48.0321 0x194c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
18:26:48.0353 0x194c  QWAVE - ok
18:26:48.0368 0x194c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:26:48.0384 0x194c  QWAVEdrv - ok
18:26:48.0415 0x194c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:26:48.0462 0x194c  RasAcd - ok
18:26:48.0524 0x194c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:26:48.0618 0x194c  RasAgileVpn - ok
18:26:48.0633 0x194c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
18:26:48.0680 0x194c  RasAuto - ok
18:26:48.0743 0x194c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:26:48.0789 0x194c  Rasl2tp - ok
18:26:48.0836 0x194c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
18:26:48.0867 0x194c  RasMan - ok
18:26:48.0899 0x194c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:26:48.0945 0x194c  RasPppoe - ok
18:26:48.0977 0x194c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:26:49.0023 0x194c  RasSstp - ok
18:26:49.0086 0x194c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:26:49.0133 0x194c  rdbss - ok
18:26:49.0179 0x194c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:26:49.0226 0x194c  rdpbus - ok
18:26:49.0273 0x194c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:26:49.0335 0x194c  RDPCDD - ok
18:26:49.0351 0x194c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:26:49.0445 0x194c  RDPENCDD - ok
18:26:49.0460 0x194c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:26:49.0507 0x194c  RDPREFMP - ok
18:26:49.0632 0x194c  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:26:49.0663 0x194c  RdpVideoMiniport - ok
18:26:49.0725 0x194c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:26:49.0788 0x194c  RDPWD - ok
18:26:49.0850 0x194c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:26:49.0881 0x194c  rdyboost - ok
18:26:49.0913 0x194c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:26:49.0975 0x194c  RemoteAccess - ok
18:26:50.0022 0x194c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:26:50.0084 0x194c  RemoteRegistry - ok
18:26:50.0100 0x194c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:26:50.0131 0x194c  RpcEptMapper - ok
18:26:50.0162 0x194c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
18:26:50.0193 0x194c  RpcLocator - ok
18:26:50.0240 0x194c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
18:26:50.0271 0x194c  RpcSs - ok
18:26:50.0303 0x194c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:26:50.0349 0x194c  rspndr - ok
18:26:50.0396 0x194c  [ 9BEB5F18A418FF70659CE2E356829568, 8E327A99E68B5F9028778F5845719D00C590882B8609AF66D97DA880D537C937 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
18:26:50.0412 0x194c  RSUSBSTOR - ok
18:26:50.0427 0x194c  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] SamSs           C:\Windows\system32\lsass.exe
18:26:50.0427 0x194c  SamSs - ok
18:26:50.0490 0x194c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:26:50.0521 0x194c  sbp2port - ok
18:26:50.0552 0x194c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:26:50.0599 0x194c  SCardSvr - ok
18:26:50.0646 0x194c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:26:50.0708 0x194c  scfilter - ok
18:26:50.0817 0x194c  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
18:26:50.0864 0x194c  Schedule - ok
18:26:50.0911 0x194c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:26:50.0973 0x194c  SCPolicySvc - ok
18:26:51.0020 0x194c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:26:51.0098 0x194c  SDRSVC - ok
18:26:51.0145 0x194c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:26:51.0176 0x194c  secdrv - ok
18:26:51.0223 0x194c  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
18:26:51.0317 0x194c  seclogon - ok
18:26:51.0348 0x194c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
18:26:51.0410 0x194c  SENS - ok
18:26:51.0441 0x194c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:26:51.0504 0x194c  SensrSvc - ok
18:26:51.0551 0x194c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:26:51.0551 0x194c  Serenum - ok
18:26:51.0597 0x194c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:26:51.0644 0x194c  Serial - ok
18:26:51.0722 0x194c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:26:51.0769 0x194c  sermouse - ok
18:26:51.0816 0x194c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
18:26:51.0878 0x194c  SessionEnv - ok
18:26:51.0925 0x194c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:26:51.0972 0x194c  sffdisk - ok
18:26:52.0003 0x194c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:26:52.0034 0x194c  sffp_mmc - ok
18:26:52.0065 0x194c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:26:52.0112 0x194c  sffp_sd - ok
18:26:52.0159 0x194c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
18:26:52.0206 0x194c  sfloppy - ok
18:26:52.0253 0x194c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:26:52.0331 0x194c  SharedAccess - ok
18:26:52.0393 0x194c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:26:52.0455 0x194c  ShellHWDetection - ok
18:26:52.0487 0x194c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:26:52.0487 0x194c  SiSRaid2 - ok
18:26:52.0549 0x194c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:26:52.0549 0x194c  SiSRaid4 - ok
18:26:52.0596 0x194c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:26:52.0658 0x194c  Smb - ok
18:26:52.0705 0x194c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:26:52.0721 0x194c  SNMPTRAP - ok
18:26:52.0752 0x194c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:26:52.0783 0x194c  spldr - ok
18:26:52.0861 0x194c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
18:26:52.0908 0x194c  Spooler - ok
18:26:53.0048 0x194c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
18:26:53.0173 0x194c  sppsvc - ok
18:26:53.0220 0x194c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:26:53.0298 0x194c  sppuinotify - ok
18:26:53.0329 0x194c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:26:53.0407 0x194c  srv - ok
18:26:53.0454 0x194c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:26:53.0485 0x194c  srv2 - ok
18:26:53.0516 0x194c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:26:53.0563 0x194c  srvnet - ok
18:26:53.0610 0x194c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:26:53.0735 0x194c  SSDPSRV - ok
18:26:53.0750 0x194c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:26:53.0781 0x194c  SstpSvc - ok
18:26:53.0875 0x194c  [ AAF6F247F1DC370C593B4430974EAD9C, 232D0D62EC83A5537ADB28B5DC01074BA812FE6C70C54F70CD7A5EF1BC19D3E1 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
18:26:53.0922 0x194c  ssudmdm - ok
18:26:53.0953 0x194c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
18:26:53.0969 0x194c  stexstor - ok
18:26:54.0031 0x194c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
18:26:54.0078 0x194c  stisvc - ok
18:26:54.0125 0x194c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
18:26:54.0140 0x194c  swenum - ok
18:26:54.0171 0x194c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
18:26:54.0218 0x194c  swprv - ok
18:26:54.0281 0x194c  [ EF51B22706DB03F0857FADE127C804EC, F3A97B8D94E96ACF93448CDF33DED97B076C3D8FFE42E9EAD088EE662306277B ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
18:26:54.0327 0x194c  SynTP - ok
18:26:54.0421 0x194c  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
18:26:54.0530 0x194c  SysMain - ok
18:26:54.0577 0x194c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:26:54.0593 0x194c  TabletInputService - ok
18:26:54.0624 0x194c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:26:54.0671 0x194c  TapiSrv - ok
18:26:54.0717 0x194c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
18:26:54.0733 0x194c  TBS - ok
18:26:54.0842 0x194c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:26:54.0905 0x194c  Tcpip - ok
18:26:54.0967 0x194c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:26:55.0014 0x194c  TCPIP6 - ok
18:26:55.0061 0x194c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:26:55.0092 0x194c  tcpipreg - ok
18:26:55.0123 0x194c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:26:55.0170 0x194c  TDPIPE - ok
18:26:55.0232 0x194c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:26:55.0248 0x194c  TDTCP - ok
18:26:55.0310 0x194c  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:26:55.0357 0x194c  tdx - ok
18:26:55.0388 0x194c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
18:26:55.0404 0x194c  TermDD - ok
18:26:55.0497 0x194c  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
18:26:55.0575 0x194c  TermService - ok
18:26:55.0607 0x194c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
18:26:55.0638 0x194c  Themes - ok
18:26:55.0669 0x194c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
18:26:55.0700 0x194c  THREADORDER - ok
18:26:55.0731 0x194c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
18:26:55.0763 0x194c  TrkWks - ok
18:26:55.0809 0x194c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:26:55.0856 0x194c  TrustedInstaller - ok
18:26:55.0887 0x194c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:26:55.0903 0x194c  tssecsrv - ok
18:26:55.0950 0x194c  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:26:55.0981 0x194c  TsUsbFlt - ok
18:26:56.0059 0x194c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:26:56.0106 0x194c  tunnel - ok
18:26:56.0153 0x194c  [ 48743B69EA47C020A792D8649F753F44, 58BFF60271F62F5CB02A1181F44E94C230DF4A6EC5C072A476B2BED13239A70C ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
18:26:56.0168 0x194c  TurboB - ok
18:26:56.0184 0x194c  [ 759F59E3EA3802FF23F93DCDB6FE9171, DB5A6C1EDA10380C14A8C318D6C65ED691C36F726A6A20DB3038D8F55F1B76D8 ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
18:26:56.0199 0x194c  TurboBoost - ok
18:26:56.0231 0x194c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
18:26:56.0231 0x194c  uagp35 - ok
18:26:56.0246 0x194c  [ A17D5E1A6DF4EAB0A480F2C490DE4C9D, 1EA835F172B6BF3D7F496E079DF1CDF00122B2110C08D61427582BC9405D2B7B ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
18:26:56.0262 0x194c  UBHelper - ok
18:26:56.0324 0x194c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:26:56.0387 0x194c  udfs - ok
18:26:56.0402 0x194c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:26:56.0433 0x194c  UI0Detect - ok
18:26:56.0465 0x194c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:26:56.0480 0x194c  uliagpkx - ok
18:26:56.0543 0x194c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
18:26:56.0574 0x194c  umbus - ok
18:26:56.0605 0x194c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
18:26:56.0636 0x194c  UmPass - ok
18:26:56.0823 0x194c  [ FDF92EC84FECEE834FB10A2A0A19BCDA, F81FCA3BEC10C84335DBAD9D2CDAB98C62252A864F23BDD482F97F86D5FA0B15 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:26:56.0901 0x194c  UNS - ok
18:26:56.0948 0x194c  [ F9EC9ACD504D823D9B9CA98A4F8D3CA2, 58DAD5111C598F14CB199FE6A61FA5918F29513B778A8664FD05EFAB3C665D4F ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
18:26:56.0964 0x194c  Updater Service - ok
18:26:56.0995 0x194c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
18:26:57.0042 0x194c  upnphost - ok
18:26:57.0104 0x194c  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
18:26:57.0151 0x194c  USBAAPL64 - ok
18:26:57.0198 0x194c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:26:57.0213 0x194c  usbccgp - ok
18:26:57.0276 0x194c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:26:57.0323 0x194c  usbcir - ok
18:26:57.0369 0x194c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
18:26:57.0385 0x194c  usbehci - ok
18:26:57.0432 0x194c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:26:57.0447 0x194c  usbhub - ok
18:26:57.0463 0x194c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:26:57.0479 0x194c  usbohci - ok
18:26:57.0510 0x194c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:26:57.0525 0x194c  usbprint - ok
18:26:57.0588 0x194c  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
18:26:57.0603 0x194c  usbscan - ok
18:26:57.0650 0x194c  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:26:57.0697 0x194c  USBSTOR - ok
18:26:57.0744 0x194c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
18:26:57.0759 0x194c  usbuhci - ok
18:26:57.0822 0x194c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
18:26:57.0884 0x194c  usbvideo - ok
18:26:57.0947 0x194c  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
18:26:57.0962 0x194c  usb_rndisx - ok
18:26:57.0993 0x194c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
18:26:58.0025 0x194c  UxSms - ok
18:26:58.0040 0x194c  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] VaultSvc        C:\Windows\system32\lsass.exe
18:26:58.0040 0x194c  VaultSvc - ok
18:26:58.0103 0x194c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:26:58.0103 0x194c  vdrvroot - ok
18:26:58.0227 0x194c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
18:26:58.0274 0x194c  vds - ok
18:26:58.0321 0x194c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:26:58.0352 0x194c  vga - ok
18:26:58.0383 0x194c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:26:58.0430 0x194c  VgaSave - ok
18:26:58.0477 0x194c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:26:58.0493 0x194c  vhdmp - ok
18:26:58.0555 0x194c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:26:58.0555 0x194c  viaide - ok
18:26:58.0571 0x194c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:26:58.0586 0x194c  volmgr - ok
18:26:58.0633 0x194c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:26:58.0649 0x194c  volmgrx - ok
18:26:58.0680 0x194c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:26:58.0695 0x194c  volsnap - ok
18:26:58.0727 0x194c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
18:26:58.0727 0x194c  vsmraid - ok
18:26:58.0805 0x194c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
18:26:58.0883 0x194c  VSS - ok
18:26:58.0898 0x194c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
18:26:58.0945 0x194c  vwifibus - ok
18:26:58.0992 0x194c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:26:59.0023 0x194c  vwififlt - ok
18:26:59.0070 0x194c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
18:26:59.0085 0x194c  vwifimp - ok
18:26:59.0132 0x194c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
18:26:59.0195 0x194c  W32Time - ok
18:26:59.0210 0x194c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
18:26:59.0226 0x194c  WacomPen - ok
18:26:59.0288 0x194c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:26:59.0335 0x194c  WANARP - ok
18:26:59.0351 0x194c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:26:59.0366 0x194c  Wanarpv6 - ok
18:26:59.0444 0x194c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
18:26:59.0491 0x194c  wbengine - ok
18:26:59.0538 0x194c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:26:59.0569 0x194c  WbioSrvc - ok
18:26:59.0709 0x194c  [ B995CB950BBB00DB2BC7D02D693E5CC7, 6096A2C564B8A3263956BA2818B41D9CF37E29E3595638E48673A5D6705F7774 ] WCAssistantService C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
18:26:59.0725 0x194c  WCAssistantService - ok
18:26:59.0772 0x194c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:26:59.0819 0x194c  wcncsvc - ok
18:26:59.0850 0x194c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:26:59.0897 0x194c  WcsPlugInService - ok
18:26:59.0928 0x194c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
18:26:59.0928 0x194c  Wd - ok
18:27:00.0006 0x194c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:27:00.0037 0x194c  Wdf01000 - ok
18:27:00.0068 0x194c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:27:00.0115 0x194c  WdiServiceHost - ok
18:27:00.0115 0x194c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:27:00.0131 0x194c  WdiSystemHost - ok
18:27:00.0193 0x194c  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
18:27:00.0224 0x194c  WebClient - ok
18:27:00.0255 0x194c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:27:00.0302 0x194c  Wecsvc - ok
18:27:00.0333 0x194c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:27:00.0380 0x194c  wercplsupport - ok
18:27:00.0411 0x194c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:27:00.0443 0x194c  WerSvc - ok
18:27:00.0474 0x194c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:27:00.0505 0x194c  WfpLwf - ok
18:27:00.0521 0x194c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:27:00.0521 0x194c  WIMMount - ok
18:27:00.0552 0x194c  WinDefend - ok
18:27:00.0567 0x194c  WinHttpAutoProxySvc - ok
18:27:00.0614 0x194c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:27:00.0661 0x194c  Winmgmt - ok
18:27:00.0739 0x194c  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
18:27:00.0833 0x194c  WinRM - ok
18:27:00.0911 0x194c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
18:27:00.0926 0x194c  WinUsb - ok
18:27:00.0973 0x194c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:27:01.0020 0x194c  Wlansvc - ok
18:27:01.0238 0x194c  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:27:01.0301 0x194c  wlidsvc - ok
18:27:01.0347 0x194c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:27:01.0379 0x194c  WmiAcpi - ok
18:27:01.0410 0x194c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:27:01.0425 0x194c  wmiApSrv - ok
18:27:01.0441 0x194c  WMPNetworkSvc - ok
18:27:01.0472 0x194c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:27:01.0488 0x194c  WPCSvc - ok
18:27:01.0535 0x194c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:27:01.0566 0x194c  WPDBusEnum - ok
18:27:01.0581 0x194c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:27:01.0628 0x194c  ws2ifsl - ok
18:27:01.0675 0x194c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
18:27:01.0722 0x194c  wscsvc - ok
18:27:01.0722 0x194c  WSearch - ok
18:27:01.0847 0x194c  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:27:01.0956 0x194c  wuauserv - ok
18:27:02.0003 0x194c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:27:02.0065 0x194c  WudfPf - ok
18:27:02.0096 0x194c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:27:02.0112 0x194c  WUDFRd - ok
18:27:02.0127 0x194c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:27:02.0159 0x194c  wudfsvc - ok
18:27:02.0205 0x194c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:27:02.0221 0x194c  WwanSvc - ok
18:27:02.0237 0x194c  ================ Scan global ===============================
18:27:02.0283 0x194c  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
18:27:02.0361 0x194c  [ DE4812AB2E6926D0FF2423F3B774585A, 77604B47F2A91F77DDF778D8D362A0145636ED060596760ED55D76DD12E04B79 ] C:\Windows\system32\winsrv.dll
18:27:02.0377 0x194c  [ DE4812AB2E6926D0FF2423F3B774585A, 77604B47F2A91F77DDF778D8D362A0145636ED060596760ED55D76DD12E04B79 ] C:\Windows\system32\winsrv.dll
18:27:02.0408 0x194c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:27:02.0486 0x194c  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
18:27:02.0502 0x194c  [ Global ] - ok
18:27:02.0502 0x194c  ================ Scan MBR ==================================
18:27:02.0517 0x194c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:27:03.0500 0x194c  \Device\Harddisk0\DR0 - ok
18:27:03.0500 0x194c  ================ Scan VBR ==================================
18:27:03.0516 0x194c  [ AB2486A0FA37443338421535893287BB ] \Device\Harddisk0\DR0\Partition1
18:27:03.0547 0x194c  \Device\Harddisk0\DR0\Partition1 - ok
18:27:03.0563 0x194c  [ F3C5EFBC5666F01E270C48867AFF080D ] \Device\Harddisk0\DR0\Partition2
18:27:03.0594 0x194c  \Device\Harddisk0\DR0\Partition2 - ok
18:27:03.0594 0x194c  ================ Scan generic autorun ======================
18:27:03.0672 0x194c  [ 5FDFB8E924219645DD26D0FC378F8182, F704AED82B60D1B38E523E46F9788A65EF50D58439784DA6BF90E1C299994652 ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
18:27:03.0703 0x194c  Acer ePower Management - ok
18:27:04.0093 0x194c  [ 238283A703AB55EA96168C81994671A5, 96FA85C882BDC0DF1B2207C9EB932FB2EA016E3C649FF1076DE7F0F83E258308 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
18:27:04.0187 0x0ee4  Object required for P2P: [ 63282F5EB7E5BFB58FD1EC93C6ADB457 ] MozillaMaintenance
18:27:04.0343 0x194c  RtHDVCpl - ok
18:27:04.0483 0x194c  [ BC5FA33CFDF1769C60FE89A7F8AA29B2, CCD36D9C4008B9AE425BB31517FF139D8E0C7DBB0D052AADE71D48936D164956 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
18:27:04.0530 0x194c  RtHDVBg - ok
18:27:04.0545 0x194c  IntelTBRunOnce - ok
18:27:04.0545 0x194c  SynTPEnh - ok
18:27:04.0686 0x194c  [ 5B72629C8144D1A96490D4C090D28DA1, 114891B9E7E05D2B86C8E3CD7B4096088491E338C3B1902F9352D40B47DD418C ] c:\Program Files\Microsoft IntelliPoint\ipoint.exe
18:27:04.0748 0x194c  IntelliPoint - ok
18:27:04.0873 0x194c  [ 68D45D36DD827738A2F2E8E21E53C193, C51BA0A2A40D320663BE5BF2519A61B831E12FEBB349E638246E87408AD02B84 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
18:27:04.0935 0x194c  CanonMyPrinter - ok
18:27:05.0045 0x194c  [ DD7B4F9E6B71A599FEF4BD9DA0AE57C2, 6B22356F74F7ED069A3FC39C62326AA98A70D0E860A2EB29A6C46F4077FB567A ] c:\Program Files\Microsoft Security Client\msseces.exe
18:27:05.0091 0x194c  MSC - ok
18:27:05.0185 0x194c  [ CC9823AA6E3F6229CD6DA193551314A5, 76BCD2BCA391C2114BF9D28FA290D9B39D16379C410070E0E3A6376FDEE51CE1 ] C:\Program Files\iTunes\iTunesHelper.exe
18:27:05.0201 0x194c  iTunesHelper - ok
18:27:05.0247 0x194c  [ C0B97E53A0E39A48EEA2DCD500EEA07A, 111FBD91850E52E61E6A4D8065BF56C9C6B89C55BA6312F726125F1CE4B09EE1 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
18:27:05.0263 0x194c  IAStorIcon - ok
18:27:05.0357 0x194c  [ DED59B9CAFB20D0ABC4F15574209E09C, EB945F125C46316F8D1A4DA9039485A9223E77CAD6AF7E60E3EDF6644CF098CC ] C:\Program Files (x86)\Launch Manager\LManager.exe
18:27:05.0403 0x194c  LManager - ok
18:27:05.0481 0x194c  [ 4DDE3E01B5020B3D5DEEC7E3DC0F3185, C7315F3521EE461027A3DDE7CFC0EA4F8E705A98F9292284BB20620D7F34DDE9 ] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
18:27:05.0513 0x194c  BackupManagerTray - ok
18:27:05.0544 0x194c  [ 51C8885B6A00904C0252704C9FB0F43A, BF2F58E6697DB10F3D6FB3859FADC2CE1D3CDD318E487E02FDC2BE171AF6CA29 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
18:27:05.0544 0x194c  NUSB3MON - ok
18:27:05.0622 0x194c  [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe
18:27:05.0637 0x194c  MDS_Menu - ok
18:27:05.0731 0x194c  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
18:27:05.0762 0x194c  BCSSync - ok
18:27:05.0871 0x194c  [ 07447CE7F63DB2904AB0D3431A3EB2E5, F2F0F864171A78B65F12338F0DEB867E0C83D1484FFD0B08150B42CE37ACAB5A ] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
18:27:05.0903 0x194c  ProductUpdater - detected UnsignedFile.Multi.Generic ( 1 )
18:27:06.0761 0x0ee4  Object send P2P result: true
18:27:06.0761 0x0ee4  Object required for P2P: [ DA0FAEE45D6F03D7647851A20977A7D0 ] MpFilter
18:27:08.0352 0x194c  ProductUpdater ( UnsignedFile.Multi.Generic ) - warning
18:27:10.0901 0x194c  [ C9B67BCB8E384064A8C2263740B0C437, F2609406A84F3A8E256DD250F84A774EF43F92C9F8B373E297A99ACF95B3CCE4 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
18:27:10.0932 0x194c  SunJavaUpdateSched - ok
18:27:11.0135 0x194c  [ B66E0842FCF485F3E2D41BF0BA10966F, 966B8386B2D060167E8EAAE478509013A8729FE2CF11F890D3F9DCDA90768F34 ] C:\Users\Anja Könemann-Meyer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
18:27:11.0182 0x194c  Spotify Web Helper - ok
18:27:11.0291 0x194c  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Anja Könemann-Meyer\AppData\Local\Dropbox\Update\DropboxUpdate.exe
18:27:11.0322 0x194c  Dropbox Update - ok
18:27:11.0400 0x194c  [ 06F6DB72ADABC5E858F38EF69014CE52, B4AEABF3EA6FCABBED879D642BA070DF9C244E28DB5BDC3211205C7B8DB97BFB ] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
18:27:11.0431 0x194c  OfficeSyncProcess - ok
18:27:11.0431 0x194c  Waiting for KSN requests completion. In queue: 256
18:27:11.0525 0x25b4  Object required for P2P: [ 68D45D36DD827738A2F2E8E21E53C193 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
18:27:12.0445 0x194c  Waiting for KSN requests completion. In queue: 246
18:27:12.0757 0x0ee4  Object send P2P result: true
18:27:12.0773 0x0ee4  Object required for P2P: [ 6D79C8CB73187FBEAAD1F680FADF98D3 ] NisDrv
18:27:13.0459 0x194c  Waiting for KSN requests completion. In queue: 202
18:27:14.0099 0x25b4  Object send P2P result: true
18:27:14.0473 0x194c  Waiting for KSN requests completion. In queue: 189
18:27:15.0347 0x0ee4  Object send P2P result: true
18:27:15.0378 0x0ee4  Object required for P2P: [ B995CB950BBB00DB2BC7D02D693E5CC7 ] WCAssistantService
18:27:15.0487 0x194c  Waiting for KSN requests completion. In queue: 23
         
__________________

Geändert von A-und-T (22.04.2016 um 17:28 Uhr)

Alt 22.04.2016, 17:24   #4
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt - Standard

WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt



Ja, aber Du hast den Scan nicht wie beschrieben durchgeführt...
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 22.04.2016, 17:30   #5
A-und-T
 
WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt - Standard

WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt





(Sorry. Nächstes Mal passe ich besser auf.). Leider zwei Befunde...
Gruß Thomas

Danke für die schnelle Erinnerung (*schäm*)


Code:
ATTFilter
18:25:38.0237 0x2518  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
18:25:40.0617 0x2518  ============================================================
18:25:40.0617 0x2518  Current date / time: 2016/04/22 18:25:40.0617
18:25:40.0617 0x2518  SystemInfo:
18:25:40.0617 0x2518  
18:25:40.0617 0x2518  OS Version: 6.1.7601 ServicePack: 1.0
18:25:40.0617 0x2518  Product type: Workstation
18:25:40.0617 0x2518  ComputerName: ANJAKÖNEMANN
18:25:40.0618 0x2518  UserName: Anja Könemann-Meyer
18:25:40.0618 0x2518  Windows directory: C:\Windows
18:25:40.0618 0x2518  System windows directory: C:\Windows
18:25:40.0618 0x2518  Running under WOW64
18:25:40.0618 0x2518  Processor architecture: Intel x64
18:25:40.0618 0x2518  Number of processors: 4
18:25:40.0618 0x2518  Page size: 0x1000
18:25:40.0618 0x2518  Boot type: Normal boot
18:25:40.0618 0x2518  ============================================================
18:25:40.0726 0x2518  KLMD registered as C:\Windows\system32\drivers\33704797.sys
18:25:41.0666 0x2518  System UUID: {CBE1F9E8-A01A-BD5E-5D46-27C9C1940AAB}
18:25:42.0191 0x2518  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:25:42.0195 0x2518  ============================================================
18:25:42.0195 0x2518  \Device\Harddisk0\DR0:
18:25:42.0195 0x2518  MBR partitions:
18:25:42.0195 0x2518  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
18:25:42.0195 0x2518  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x55713000
18:25:42.0195 0x2518  ============================================================
18:25:42.0224 0x2518  C: <-> \Device\Harddisk0\DR0\Partition2
18:25:42.0224 0x2518  ============================================================
18:25:42.0224 0x2518  Initialize success
18:25:42.0224 0x2518  ============================================================
18:26:13.0221 0x194c  ============================================================
18:26:13.0237 0x194c  Scan started
18:26:13.0237 0x194c  Mode: Manual; SigCheck; TDLFS; 
18:26:13.0237 0x194c  ============================================================
18:26:13.0237 0x194c  KSN ping started
18:26:15.0639 0x194c  KSN ping finished: true
18:26:16.0388 0x194c  ================ Scan system memory ========================
18:26:16.0388 0x194c  System memory - ok
18:26:16.0388 0x194c  ================ Scan services =============================
18:26:16.0653 0x194c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:26:16.0762 0x194c  1394ohci - ok
18:26:16.0809 0x194c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:26:16.0825 0x194c  ACPI - ok
18:26:16.0887 0x194c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:26:16.0981 0x194c  AcpiPmi - ok
18:26:17.0152 0x194c  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:26:17.0152 0x194c  AdobeARMservice - ok
18:26:17.0262 0x194c  [ 28FFB14117CCEDD7D2F124596AA9B785, 8FC482C6444C904B5536979B3354597FD714634EC7372B464118C42AA9DCB58A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:26:17.0277 0x194c  AdobeFlashPlayerUpdateSvc - ok
18:26:17.0324 0x194c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:26:17.0340 0x194c  adp94xx - ok
18:26:17.0371 0x194c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:26:17.0386 0x194c  adpahci - ok
18:26:17.0418 0x194c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:26:17.0433 0x194c  adpu320 - ok
18:26:17.0480 0x194c  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:26:17.0527 0x194c  AeLookupSvc - ok
18:26:17.0620 0x194c  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
18:26:17.0683 0x194c  AFD - ok
18:26:17.0730 0x194c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
18:26:17.0745 0x194c  agp440 - ok
18:26:17.0776 0x194c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
18:26:17.0792 0x194c  ALG - ok
18:26:17.0839 0x194c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:26:17.0854 0x194c  aliide - ok
18:26:17.0886 0x194c  [ 9CB927E76D3F65A02741A4D9A690178C, F94A931B3C8E94B54ED8D9F341D4DD5E21B27D681B3E418AC775684BF30C54DC ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:26:17.0948 0x194c  AMD External Events Utility - ok
18:26:18.0010 0x194c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
18:26:18.0026 0x194c  amdide - ok
18:26:18.0057 0x194c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:26:18.0088 0x194c  AmdK8 - ok
18:26:18.0338 0x194c  [ B8660FB5431F136635FB6446AC67FAAE, 08D2C124530169579BF2BE7E6975AED57683A00FAC1945897AFC6822F7D51D2D ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
18:26:18.0510 0x194c  amdkmdag - ok
18:26:18.0619 0x194c  [ 5FC9D833F726383D9D60205F5A3CF16B, 0A5A4A63FF2224E5CF72C7C7DA82C2FD4B2BEE5EED5C5F63D25370F5560105EE ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
18:26:18.0666 0x194c  amdkmdap - ok
18:26:18.0712 0x194c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:26:18.0744 0x194c  AmdPPM - ok
18:26:18.0790 0x194c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:26:18.0806 0x194c  amdsata - ok
18:26:18.0837 0x194c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:26:18.0837 0x194c  amdsbs - ok
18:26:18.0853 0x194c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:26:18.0868 0x194c  amdxata - ok
18:26:18.0915 0x194c  [ 4887E13C3154816A9503E34FC05F2804, CA05D85C3B63EEB2836D50FF99CDA70DC56D7F67B4296EC50A7D250BBA2F57C4 ] AnyDVD          C:\Windows\system32\Drivers\AnyDVD.sys
18:26:18.0931 0x194c  AnyDVD - ok
18:26:19.0009 0x194c  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
18:26:19.0056 0x194c  AppID - ok
18:26:19.0071 0x194c  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:26:19.0102 0x194c  AppIDSvc - ok
18:26:19.0149 0x194c  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
18:26:19.0180 0x194c  Appinfo - ok
18:26:19.0336 0x194c  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:26:19.0368 0x194c  Apple Mobile Device Service - ok
18:26:19.0430 0x194c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:26:19.0461 0x194c  arc - ok
18:26:19.0477 0x194c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:26:19.0492 0x194c  arcsas - ok
18:26:19.0633 0x194c  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:26:19.0664 0x194c  aspnet_state - ok
18:26:19.0695 0x194c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:26:19.0804 0x194c  AsyncMac - ok
18:26:19.0882 0x194c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:26:19.0898 0x194c  atapi - ok
18:26:20.0023 0x194c  [ E642491F64E58CD5BC8FB8B347DCF65F, D457175EF3A0552CEA3DA78E7116D54BC2BF157857A8B764597B51FB4E29C033 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
18:26:20.0085 0x194c  athr - ok
18:26:20.0116 0x194c  [ 2D648572BA9A610952FCAFBA1E119C2D, 4CD7E7D3C878DEF8CC18A925EAB1E0E8E8893BE99DA1E1F78FE9AD12EF1C48BC ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
18:26:20.0116 0x194c  AtiHdmiService - ok
18:26:20.0226 0x194c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:26:20.0319 0x194c  AudioEndpointBuilder - ok
18:26:20.0335 0x194c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:26:20.0366 0x194c  AudioSrv - ok
18:26:20.0444 0x194c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:26:20.0553 0x194c  AxInstSV - ok
18:26:20.0647 0x194c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
18:26:20.0725 0x194c  b06bdrv - ok
18:26:20.0756 0x194c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:26:20.0803 0x194c  b57nd60a - ok
18:26:20.0834 0x194c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:26:20.0912 0x194c  BDESVC - ok
18:26:20.0943 0x194c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:26:21.0021 0x194c  Beep - ok
18:26:21.0130 0x194c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
18:26:21.0208 0x194c  BFE - ok
18:26:21.0302 0x194c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
18:26:21.0442 0x194c  BITS - ok
18:26:21.0489 0x194c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:26:21.0536 0x194c  blbdrive - ok
18:26:21.0614 0x194c  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:26:21.0645 0x194c  Bonjour Service - ok
18:26:21.0676 0x194c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:26:21.0708 0x194c  bowser - ok
18:26:21.0739 0x194c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:26:21.0770 0x194c  BrFiltLo - ok
18:26:21.0786 0x194c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:26:21.0801 0x194c  BrFiltUp - ok
18:26:21.0848 0x194c  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
18:26:21.0879 0x194c  BridgeMP - ok
18:26:21.0926 0x194c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
18:26:21.0973 0x194c  Browser - ok
18:26:22.0004 0x194c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:26:22.0051 0x194c  Brserid - ok
18:26:22.0082 0x194c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:26:22.0113 0x194c  BrSerWdm - ok
18:26:22.0144 0x194c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:26:22.0176 0x194c  BrUsbMdm - ok
18:26:22.0191 0x194c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:26:22.0207 0x194c  BrUsbSer - ok
18:26:22.0222 0x194c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:26:22.0238 0x194c  BTHMODEM - ok
18:26:22.0269 0x194c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
18:26:22.0316 0x194c  bthserv - ok
18:26:22.0347 0x194c  catchme - ok
18:26:22.0378 0x194c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:26:22.0441 0x194c  cdfs - ok
18:26:22.0519 0x194c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:26:22.0550 0x194c  cdrom - ok
18:26:22.0612 0x194c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:26:22.0644 0x194c  CertPropSvc - ok
18:26:22.0690 0x194c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:26:22.0737 0x194c  circlass - ok
18:26:22.0784 0x194c  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
18:26:22.0800 0x194c  CLFS - ok
18:26:22.0909 0x194c  [ 7AD6AD732247CC3D7A943465748C0D47, 5A1DD728077DE2B5FAFD0B3F51DF38E256C153A20F9CF571F2BB387507AD2088 ] CLKMSVC10_34E30CCC C:\Program Files (x86)\Acer\clear.fi\Movie\NavFilter\kmsvc.exe
18:26:22.0924 0x194c  CLKMSVC10_34E30CCC - ok
18:26:22.0987 0x194c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:26:23.0002 0x194c  clr_optimization_v2.0.50727_32 - ok
18:26:23.0034 0x194c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:26:23.0049 0x194c  clr_optimization_v2.0.50727_64 - ok
18:26:23.0143 0x194c  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:26:23.0158 0x194c  clr_optimization_v4.0.30319_32 - ok
18:26:23.0174 0x194c  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:26:23.0190 0x194c  clr_optimization_v4.0.30319_64 - ok
18:26:23.0236 0x194c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:26:23.0283 0x194c  CmBatt - ok
18:26:23.0314 0x194c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:26:23.0346 0x194c  cmdide - ok
18:26:23.0455 0x194c  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG             C:\Windows\system32\Drivers\cng.sys
18:26:23.0486 0x194c  CNG - ok
18:26:23.0658 0x194c  [ 360959BBD4F451E1AB811F4304232766, 7BAA78590F2F656DC8D8C31EEDB7ED17B55C5EB3218A60A0EB90AFA323C01BCA ] CodeMeter.exe   C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
18:26:23.0720 0x194c  CodeMeter.exe - ok
18:26:23.0767 0x194c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:26:23.0767 0x194c  Compbatt - ok
18:26:23.0829 0x194c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:26:23.0892 0x194c  CompositeBus - ok
18:26:23.0923 0x194c  COMSysApp - ok
18:26:23.0938 0x194c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:26:23.0954 0x194c  crcdisk - ok
18:26:24.0016 0x194c  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:26:24.0079 0x194c  CryptSvc - ok
18:26:24.0172 0x194c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:26:24.0251 0x194c  DcomLaunch - ok
18:26:24.0329 0x194c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
18:26:24.0391 0x194c  defragsvc - ok
18:26:24.0438 0x194c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:26:24.0485 0x194c  DfsC - ok
18:26:24.0563 0x194c  [ E428DFFA96FAD07D8CA3C9082563A225, F3D2E94A9FF2CF68CC99A8B42B8DEA5E57D46000D1845DC0908224493480C79F ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
18:26:24.0578 0x194c  dg_ssudbus - ok
18:26:24.0641 0x194c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:26:24.0703 0x194c  Dhcp - ok
18:26:24.0812 0x194c  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
18:26:24.0890 0x194c  DiagTrack - ok
18:26:24.0906 0x194c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
18:26:24.0953 0x194c  discache - ok
18:26:24.0999 0x194c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:26:25.0031 0x194c  Disk - ok
18:26:25.0046 0x194c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:26:25.0077 0x194c  Dnscache - ok
18:26:25.0124 0x194c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:26:25.0171 0x194c  dot3svc - ok
18:26:25.0187 0x194c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
18:26:25.0233 0x194c  DPS - ok
18:26:25.0311 0x194c  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:26:25.0358 0x194c  drmkaud - ok
18:26:25.0405 0x194c  [ 470F7F19188AB45463F8B612D6DDE7C8, 4D25C534B2458CBC810C751F3FD7CE7ACE9E17CCD1415FB70D88A5BC4794EA09 ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
18:26:25.0421 0x194c  DsiWMIService - ok
18:26:25.0530 0x194c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:26:25.0561 0x194c  DXGKrnl - ok
18:26:25.0608 0x194c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
18:26:25.0655 0x194c  EapHost - ok
18:26:25.0795 0x194c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
18:26:25.0904 0x194c  ebdrv - ok
18:26:25.0951 0x194c  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] EFS             C:\Windows\System32\lsass.exe
18:26:26.0029 0x194c  EFS - ok
18:26:26.0123 0x194c  [ 03E6888DA1A85ACF14AC2A3C328A9E62, 120A7A10F6DAC991B91BFEC5430FD9F929E173AB513891B229F19A9BA4EC3998 ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
18:26:26.0154 0x194c  EgisTec Ticket Service - ok
18:26:26.0279 0x194c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:26:26.0341 0x194c  ehRecvr - ok
18:26:26.0403 0x194c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
18:26:26.0450 0x194c  ehSched - ok
18:26:26.0466 0x194c  [ BDD265EEB37DF5953A547FE412E2472F, 17EB4FD54D62207937F8CA7454837DBF1EEC867AEDAF201FC2E839A3ED357F4F ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
18:26:26.0481 0x194c  ElbyCDIO - ok
18:26:26.0528 0x194c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
18:26:26.0559 0x194c  elxstor - ok
18:26:26.0606 0x194c  [ 8E12D885D17EC5FA4F52D2C6E953E285, A39F9FF88A6401030FCDE47E4504A297FB590751C74627181EC42F1E298CED8E ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
18:26:26.0637 0x194c  ePowerSvc - ok
18:26:26.0700 0x194c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:26:26.0715 0x194c  ErrDev - ok
18:26:26.0762 0x194c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
18:26:26.0809 0x194c  EventSystem - ok
18:26:26.0871 0x194c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
18:26:26.0949 0x194c  exfat - ok
18:26:26.0981 0x194c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:26:27.0027 0x194c  fastfat - ok
18:26:27.0137 0x194c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
18:26:27.0215 0x194c  Fax - ok
18:26:27.0261 0x194c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:26:27.0324 0x194c  fdc - ok
18:26:27.0371 0x194c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
18:26:27.0464 0x194c  fdPHost - ok
18:26:27.0480 0x194c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:26:27.0542 0x194c  FDResPub - ok
18:26:27.0589 0x194c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:26:27.0589 0x194c  FileInfo - ok
18:26:27.0589 0x194c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:26:27.0651 0x194c  Filetrace - ok
18:26:27.0714 0x194c  [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:26:27.0729 0x194c  FLEXnet Licensing Service - ok
18:26:27.0776 0x194c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:26:27.0839 0x194c  flpydisk - ok
18:26:27.0901 0x194c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:26:27.0932 0x194c  FltMgr - ok
18:26:28.0041 0x194c  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
18:26:28.0135 0x194c  FontCache - ok
18:26:28.0213 0x194c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:26:28.0229 0x194c  FontCache3.0.0.0 - ok
18:26:28.0385 0x194c  [ 75F3D3CA2B3C4A93CC6042EC9B9B7C2A, B6D85420F1ADF027972BC78EAEA5E4F2F6D259E19E714B0B4DADF34BAC4C92E6 ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
18:26:28.0431 0x194c  Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 )
18:26:30.0959 0x194c  Freemake Improver ( UnsignedFile.Multi.Generic ) - warning
18:26:33.0486 0x194c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:26:33.0486 0x194c  FsDepends - ok
18:26:33.0517 0x194c  [ 8DE1B4F579F8F8897409856F3BB7A7D2, F6F6B2450951E875C3C236F7798F960FD4433EE6B0C57132CB3D32126BEE34E0 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
18:26:33.0533 0x194c  fssfltr - ok
18:26:33.0657 0x194c  [ 7B4C82899A967A7EB22DAB502770AE8E, 209FB59669070FCAAACB24B0CE81C375362BF1C519B15FDB5AA3EC2C87E2069B ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
18:26:33.0689 0x194c  fsssvc - ok
18:26:33.0735 0x194c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:26:33.0751 0x194c  Fs_Rec - ok
18:26:33.0798 0x194c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:26:33.0813 0x194c  fvevol - ok
18:26:33.0860 0x194c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:26:33.0860 0x194c  gagp30kx - ok
18:26:33.0907 0x194c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:26:33.0938 0x194c  GEARAspiWDM - ok
18:26:34.0001 0x194c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:26:34.0079 0x194c  gpsvc - ok
18:26:34.0141 0x194c  [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService     C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
18:26:34.0172 0x194c  GREGService - ok
18:26:34.0203 0x194c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:26:34.0266 0x194c  hcw85cir - ok
18:26:34.0328 0x194c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:26:34.0375 0x194c  HdAudAddService - ok
18:26:34.0406 0x194c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:26:34.0437 0x194c  HDAudBus - ok
18:26:34.0469 0x194c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
18:26:34.0500 0x194c  HidBatt - ok
18:26:34.0515 0x194c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:26:34.0562 0x194c  HidBth - ok
18:26:34.0593 0x194c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:26:34.0625 0x194c  HidIr - ok
18:26:34.0656 0x194c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
18:26:34.0687 0x194c  hidserv - ok
18:26:34.0749 0x194c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:26:34.0796 0x194c  HidUsb - ok
18:26:34.0843 0x194c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:26:34.0890 0x194c  hkmsvc - ok
18:26:34.0921 0x194c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:26:34.0983 0x194c  HomeGroupListener - ok
18:26:35.0030 0x194c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:26:35.0061 0x194c  HomeGroupProvider - ok
18:26:35.0155 0x194c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:26:35.0171 0x194c  HpSAMD - ok
18:26:35.0264 0x194c  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:26:35.0327 0x194c  HTTP - ok
18:26:35.0373 0x194c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:26:35.0405 0x194c  hwpolicy - ok
18:26:35.0467 0x194c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:26:35.0483 0x194c  i8042prt - ok
18:26:35.0529 0x194c  [ F7CE9BE72EDAC499B713ECA6DAE5D26F, AF158C8ADF0815C406435AB051C8D8DD0ECBDBA8644CB75D7611980D70662193 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
18:26:35.0561 0x194c  iaStor - ok
18:26:35.0623 0x194c  [ B25F192EA1F84A316EB7C19EFCCCF33D, 00BACE87CCA40722FF3AD7243439201CDCC23D0BA01E25F928BF63DA12816F8F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:26:35.0639 0x194c  IAStorDataMgrSvc - ok
18:26:35.0670 0x194c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:26:35.0685 0x194c  iaStorV - ok
18:26:35.0779 0x194c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:26:35.0795 0x194c  idsvc - ok
18:26:35.0841 0x194c  IEEtwCollectorService - ok
18:26:35.0873 0x194c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:26:35.0873 0x194c  iirsp - ok
18:26:35.0982 0x194c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
18:26:36.0013 0x194c  IKEEXT - ok
18:26:36.0153 0x194c  [ F4C031439501F6C1D336A36D7CB58F4F, DAFE481F0AA5242E75A681706DA7D97D68E6A89FB31F3A298945CF7EA5DE4184 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:26:36.0216 0x194c  IntcAzAudAddService - ok
18:26:36.0263 0x194c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:26:36.0278 0x194c  intelide - ok
18:26:36.0309 0x194c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:26:36.0341 0x194c  intelppm - ok
18:26:36.0372 0x194c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:26:36.0419 0x194c  IPBusEnum - ok
18:26:36.0465 0x194c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:26:36.0528 0x194c  IpFilterDriver - ok
18:26:36.0590 0x194c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:26:36.0653 0x194c  iphlpsvc - ok
18:26:36.0699 0x194c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:26:36.0762 0x194c  IPMIDRV - ok
18:26:36.0793 0x194c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:26:36.0871 0x194c  IPNAT - ok
18:26:36.0980 0x194c  [ F96B9EDC032E61EB87652896E92ED526, F9E3CD2FA2D963C56034A4F606869467FDC6647B916CF457249270E6C337A8A5 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:26:37.0011 0x194c  iPod Service - ok
18:26:37.0027 0x194c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:26:37.0105 0x194c  IRENUM - ok
18:26:37.0121 0x194c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:26:37.0136 0x194c  isapnp - ok
18:26:37.0199 0x194c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:26:37.0230 0x194c  iScsiPrt - ok
18:26:37.0245 0x194c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
18:26:37.0261 0x194c  kbdclass - ok
18:26:37.0308 0x194c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
18:26:37.0323 0x194c  kbdhid - ok
18:26:37.0339 0x194c  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] KeyIso          C:\Windows\system32\lsass.exe
18:26:37.0355 0x194c  KeyIso - ok
18:26:37.0401 0x194c  [ 211A379BAAB812A7B437319BD85B2435, 4C8B82817B735BEFC0C8E2A42C7EF547D1C179561D3C97B3067B5EA3408F9E4D ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:26:37.0417 0x194c  KSecDD - ok
18:26:37.0433 0x194c  [ CC1B3B52F33CBC1CE60867DA4E23537C, A373DBCE6A53B77F59D9C83E243E5C1A2B4C38571CA28198229730D612561978 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:26:37.0448 0x194c  KSecPkg - ok
18:26:37.0464 0x194c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:26:37.0495 0x194c  ksthunk - ok
18:26:37.0526 0x194c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:26:37.0589 0x194c  KtmRm - ok
18:26:37.0620 0x194c  [ 0E154DA6CA9105354A07D0C576804037, 10A7F6E2A031C2D96B362411DCA2C347E7D7B6ADED9021674E0E633AB9F45D7B ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
18:26:37.0635 0x194c  L1C - ok
18:26:37.0698 0x194c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
18:26:37.0791 0x194c  LanmanServer - ok
18:26:37.0838 0x194c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:26:37.0916 0x194c  LanmanWorkstation - ok
18:26:38.0493 0x194c  [ 8FB6D64CB42E660C4534D38013D64A03, 11A6A914E8588DDFDE32D12A858BA8A31783B5DDB42C9E7FD0F237D57A437976 ] LavasoftTcpService C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
18:26:38.0571 0x194c  LavasoftTcpService - ok
18:26:38.0618 0x194c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:26:38.0712 0x194c  lltdio - ok
18:26:38.0759 0x194c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:26:38.0852 0x194c  lltdsvc - ok
18:26:38.0883 0x194c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:26:38.0930 0x194c  lmhosts - ok
18:26:39.0008 0x194c  [ 926EBA26A8B49D1597751CED06B50862, 886FC610E379BD77146ADDC376D77437D88B593C7F1C3FEE2B93D934A67310F8 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:26:39.0039 0x194c  LMS - ok
18:26:39.0071 0x194c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:26:39.0086 0x194c  LSI_FC - ok
18:26:39.0102 0x194c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:26:39.0102 0x194c  LSI_SAS - ok
18:26:39.0117 0x194c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:26:39.0133 0x194c  LSI_SAS2 - ok
18:26:39.0133 0x194c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:26:39.0149 0x194c  LSI_SCSI - ok
18:26:39.0180 0x194c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:26:39.0211 0x194c  luafv - ok
18:26:39.0258 0x194c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:26:39.0273 0x194c  Mcx2Svc - ok
18:26:39.0289 0x194c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:26:39.0305 0x194c  megasas - ok
18:26:39.0336 0x194c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:26:39.0351 0x194c  MegaSR - ok
18:26:39.0383 0x194c  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
18:26:39.0398 0x194c  MEIx64 - ok
18:26:39.0476 0x194c  Microsoft SharePoint Workspace Audit Service - ok
18:26:39.0539 0x194c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
18:26:39.0585 0x194c  MMCSS - ok
18:26:39.0617 0x194c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
18:26:39.0710 0x194c  Modem - ok
18:26:39.0757 0x194c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:26:39.0788 0x194c  monitor - ok
18:26:39.0866 0x194c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:26:39.0897 0x194c  mouclass - ok
18:26:39.0913 0x194c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:26:39.0960 0x194c  mouhid - ok
18:26:40.0022 0x194c  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:26:40.0053 0x194c  mountmgr - ok
18:26:40.0178 0x194c  [ 63282F5EB7E5BFB58FD1EC93C6ADB457, 25096C4AE319E854153C75DCEC0A67A63F6B05FDD0B49D4D373724B3BF55D665 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:26:40.0209 0x194c  MozillaMaintenance - ok
18:26:40.0319 0x194c  [ DA0FAEE45D6F03D7647851A20977A7D0, AFB1EA053CD4BCA903868896D020205D4C207C85314E6C56C4663922A3F9BD6A ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
18:26:40.0350 0x194c  MpFilter - ok
18:26:40.0365 0x194c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:26:40.0365 0x194c  mpio - ok
18:26:40.0397 0x194c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:26:40.0443 0x194c  mpsdrv - ok
18:26:40.0506 0x194c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:26:40.0553 0x194c  MpsSvc - ok
18:26:40.0615 0x194c  [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:26:40.0693 0x194c  MRxDAV - ok
18:26:40.0755 0x194c  [ 07F8F6B0CAEC7ADD30EBD94940A315D7, 288429A146B74E88D93C5BC19D878A42AC6F411EE31D9A6D36A2A2FFCF7B9436 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:26:40.0833 0x194c  mrxsmb - ok
18:26:40.0880 0x194c  [ 8856E45D23BFF4D977BF06D0543BCD96, 0066C061A3516A16C2477590859865E46E522A290CCE17C3EC1B69F81E466E9E ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:26:40.0927 0x194c  mrxsmb10 - ok
18:26:40.0989 0x194c  [ 8D383CED28332B5F3894658857472F47, CB3872543D08C6432CF884C11A5897637A6FC7E9AC40F424444BAAA49C9FC32A ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:26:41.0036 0x194c  mrxsmb20 - ok
18:26:41.0067 0x194c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:26:41.0099 0x194c  msahci - ok
18:26:41.0145 0x194c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:26:41.0177 0x194c  msdsm - ok
18:26:41.0192 0x194c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
18:26:41.0223 0x194c  MSDTC - ok
18:26:41.0270 0x194c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:26:41.0348 0x194c  Msfs - ok
18:26:41.0364 0x194c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:26:41.0395 0x194c  mshidkmdf - ok
18:26:41.0442 0x194c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:26:41.0473 0x194c  msisadrv - ok
18:26:41.0504 0x194c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:26:41.0582 0x194c  MSiSCSI - ok
18:26:41.0582 0x194c  msiserver - ok
18:26:41.0629 0x194c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:26:41.0660 0x194c  MSKSSRV - ok
18:26:41.0769 0x194c  [ C66FE30BBA4604A06EE9E4180ABE4BD9, 43E60C15C05FF19082142BB9D1F29D1B3269AD4A7FB32AF109AE63FE5A6AA0A9 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
18:26:41.0801 0x194c  MsMpSvc - ok
18:26:41.0847 0x194c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:26:41.0910 0x194c  MSPCLOCK - ok
18:26:41.0925 0x194c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:26:41.0988 0x194c  MSPQM - ok
18:26:42.0050 0x194c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:26:42.0081 0x194c  MsRPC - ok
18:26:42.0128 0x194c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:26:42.0159 0x194c  mssmbios - ok
18:26:42.0175 0x194c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:26:42.0222 0x194c  MSTEE - ok
18:26:42.0237 0x194c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:26:42.0269 0x194c  MTConfig - ok
18:26:42.0300 0x194c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
18:26:42.0315 0x194c  Mup - ok
18:26:42.0331 0x194c  [ 9B1EAC6FAF6F37305E822F5588DC8056, AE0DC044159BB03EE8A39AE0682C8F6A78D89AD5A6192E7006D75850ECD50E9D ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
18:26:42.0347 0x194c  mwlPSDFilter - ok
18:26:42.0362 0x194c  [ AD55C1524B296280ED9C6E0D730D35DA, 8E5F9652CFCB325E131CEB2E4871126EB6F940DF7894B2E7F8241F1EF69920ED ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
18:26:42.0362 0x194c  mwlPSDNServ - ok
18:26:42.0393 0x194c  [ 2B599E6EC8843637BDD62E7F8F3BA201, 51EE657FC6CA4F2BCC24573B27379231EF30920A559423A860A278C59F4B9F98 ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
18:26:42.0409 0x194c  mwlPSDVDisk - ok
18:26:42.0487 0x194c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
18:26:42.0581 0x194c  napagent - ok
18:26:42.0643 0x194c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:26:42.0705 0x194c  NativeWifiP - ok
18:26:42.0830 0x194c  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:26:42.0861 0x194c  NDIS - ok
18:26:42.0893 0x194c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:26:42.0971 0x194c  NdisCap - ok
18:26:43.0017 0x194c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:26:43.0033 0x194c  NdisTapi - ok
18:26:43.0095 0x194c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:26:43.0158 0x194c  Ndisuio - ok
18:26:43.0220 0x194c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:26:43.0298 0x194c  NdisWan - ok
18:26:43.0329 0x194c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:26:43.0392 0x194c  NDProxy - ok
18:26:43.0439 0x194c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:26:43.0532 0x194c  NetBIOS - ok
18:26:43.0610 0x194c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:26:43.0673 0x194c  NetBT - ok
18:26:43.0704 0x194c  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] Netlogon        C:\Windows\system32\lsass.exe
18:26:43.0704 0x194c  Netlogon - ok
18:26:43.0766 0x194c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
18:26:43.0813 0x194c  Netman - ok
18:26:43.0875 0x194c  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:26:43.0891 0x194c  NetMsmqActivator - ok
18:26:43.0907 0x194c  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:26:43.0907 0x194c  NetPipeActivator - ok
18:26:43.0985 0x194c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
18:26:44.0078 0x194c  netprofm - ok
18:26:44.0109 0x194c  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:26:44.0125 0x194c  NetTcpActivator - ok
18:26:44.0125 0x194c  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:26:44.0141 0x194c  NetTcpPortSharing - ok
18:26:44.0172 0x194c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:26:44.0187 0x194c  nfrd960 - ok
18:26:44.0250 0x194c  [ 6D79C8CB73187FBEAAD1F680FADF98D3, 0075B2CCC4FFF929023F95686D7BBE32C0FCE05DEB2159C0784AF85D64E1B66E ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
18:26:44.0281 0x194c  NisDrv - ok
18:26:44.0375 0x194c  [ B8F4F580638373FBF72F2B572446D294, A5CD9ABCA5CDC335D2C6FDCB81327B600150E45BB867B88859A00AF974B42F85 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
18:26:44.0406 0x194c  NisSrv - ok
18:26:44.0453 0x194c  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:26:44.0546 0x194c  NlaSvc - ok
18:26:44.0593 0x194c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:26:44.0640 0x194c  Npfs - ok
18:26:44.0671 0x194c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
18:26:44.0749 0x194c  nsi - ok
18:26:44.0796 0x194c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:26:44.0889 0x194c  nsiproxy - ok
18:26:44.0967 0x194c  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:26:45.0014 0x194c  Ntfs - ok
18:26:45.0108 0x194c  [ D27A4546417ED7C4AEA7B3420D4F1F50, 8D52FF7D2C6E338E2E8B414F0FE9ED296A901CB38BCFF8814B1ECE52D8D1599D ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
18:26:45.0123 0x194c  NTI IScheduleSvc - ok
18:26:45.0155 0x194c  [ EE3BA1024594D5D09E314F206B94069E, 34C8EC3DF1C3088D8A0442CAA4F5506665AFB2DF016709457ED2AB7DA45F53A6 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
18:26:45.0155 0x194c  NTIDrvr - ok
18:26:45.0170 0x194c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
18:26:45.0217 0x194c  Null - ok
18:26:45.0264 0x194c  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
18:26:45.0326 0x194c  nusb3hub - ok
18:26:45.0357 0x194c  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
18:26:45.0389 0x194c  nusb3xhc - ok
18:26:45.0435 0x194c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:26:45.0451 0x194c  nvraid - ok
18:26:45.0467 0x194c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:26:45.0498 0x194c  nvstor - ok
18:26:45.0529 0x194c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:26:45.0545 0x194c  nv_agp - ok
18:26:45.0591 0x194c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:26:45.0623 0x194c  ohci1394 - ok
18:26:45.0716 0x194c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:26:45.0747 0x194c  ose - ok
18:26:46.0013 0x194c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:26:46.0137 0x194c  osppsvc - ok
18:26:46.0200 0x194c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:26:46.0278 0x194c  p2pimsvc - ok
18:26:46.0309 0x194c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
18:26:46.0371 0x194c  p2psvc - ok
18:26:46.0418 0x194c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:26:46.0418 0x194c  Parport - ok
18:26:46.0481 0x194c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:26:46.0496 0x194c  partmgr - ok
18:26:46.0543 0x194c  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:26:46.0590 0x194c  PcaSvc - ok
18:26:46.0605 0x194c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
18:26:46.0621 0x194c  pci - ok
18:26:46.0652 0x194c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:26:46.0668 0x194c  pciide - ok
18:26:46.0683 0x194c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:26:46.0699 0x194c  pcmcia - ok
18:26:46.0715 0x194c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:26:46.0730 0x194c  pcw - ok
18:26:46.0808 0x194c  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:26:46.0855 0x194c  PEAUTH - ok
18:26:46.0933 0x194c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:26:46.0949 0x194c  PerfHost - ok
18:26:47.0073 0x194c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
18:26:47.0136 0x194c  pla - ok
18:26:47.0167 0x194c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:26:47.0198 0x194c  PlugPlay - ok
18:26:47.0229 0x194c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:26:47.0245 0x194c  PNRPAutoReg - ok
18:26:47.0261 0x194c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:26:47.0276 0x194c  PNRPsvc - ok
18:26:47.0307 0x194c  [ 4F0878FD62D5F7444C5F1C4C66D9D293, B381217D6202C06EE992EBDE061FA20376FF71F698022D0A80168CCD1059453C ] Point64         C:\Windows\system32\DRIVERS\point64.sys
18:26:47.0323 0x194c  Point64 - ok
18:26:47.0401 0x194c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:26:47.0463 0x194c  PolicyAgent - ok
18:26:47.0510 0x194c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
18:26:47.0557 0x194c  Power - ok
18:26:47.0619 0x194c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:26:47.0697 0x194c  PptpMiniport - ok
18:26:47.0729 0x194c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:26:47.0775 0x194c  Processor - ok
18:26:47.0807 0x194c  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:26:47.0885 0x194c  ProfSvc - ok
18:26:47.0885 0x194c  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:26:47.0916 0x194c  ProtectedStorage - ok
18:26:47.0978 0x194c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:26:48.0056 0x194c  Psched - ok
18:26:48.0165 0x194c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:26:48.0197 0x194c  ql2300 - ok
18:26:48.0259 0x194c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:26:48.0290 0x194c  ql40xx - ok
18:26:48.0321 0x194c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
18:26:48.0353 0x194c  QWAVE - ok
18:26:48.0368 0x194c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:26:48.0384 0x194c  QWAVEdrv - ok
18:26:48.0415 0x194c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:26:48.0462 0x194c  RasAcd - ok
18:26:48.0524 0x194c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:26:48.0618 0x194c  RasAgileVpn - ok
18:26:48.0633 0x194c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
18:26:48.0680 0x194c  RasAuto - ok
18:26:48.0743 0x194c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:26:48.0789 0x194c  Rasl2tp - ok
18:26:48.0836 0x194c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
18:26:48.0867 0x194c  RasMan - ok
18:26:48.0899 0x194c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:26:48.0945 0x194c  RasPppoe - ok
18:26:48.0977 0x194c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:26:49.0023 0x194c  RasSstp - ok
18:26:49.0086 0x194c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:26:49.0133 0x194c  rdbss - ok
18:26:49.0179 0x194c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:26:49.0226 0x194c  rdpbus - ok
18:26:49.0273 0x194c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:26:49.0335 0x194c  RDPCDD - ok
18:26:49.0351 0x194c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:26:49.0445 0x194c  RDPENCDD - ok
18:26:49.0460 0x194c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:26:49.0507 0x194c  RDPREFMP - ok
18:26:49.0632 0x194c  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:26:49.0663 0x194c  RdpVideoMiniport - ok
18:26:49.0725 0x194c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:26:49.0788 0x194c  RDPWD - ok
18:26:49.0850 0x194c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:26:49.0881 0x194c  rdyboost - ok
18:26:49.0913 0x194c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:26:49.0975 0x194c  RemoteAccess - ok
18:26:50.0022 0x194c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:26:50.0084 0x194c  RemoteRegistry - ok
18:26:50.0100 0x194c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:26:50.0131 0x194c  RpcEptMapper - ok
18:26:50.0162 0x194c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
18:26:50.0193 0x194c  RpcLocator - ok
18:26:50.0240 0x194c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
18:26:50.0271 0x194c  RpcSs - ok
18:26:50.0303 0x194c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:26:50.0349 0x194c  rspndr - ok
18:26:50.0396 0x194c  [ 9BEB5F18A418FF70659CE2E356829568, 8E327A99E68B5F9028778F5845719D00C590882B8609AF66D97DA880D537C937 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
18:26:50.0412 0x194c  RSUSBSTOR - ok
18:26:50.0427 0x194c  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] SamSs           C:\Windows\system32\lsass.exe
18:26:50.0427 0x194c  SamSs - ok
18:26:50.0490 0x194c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:26:50.0521 0x194c  sbp2port - ok
18:26:50.0552 0x194c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:26:50.0599 0x194c  SCardSvr - ok
18:26:50.0646 0x194c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:26:50.0708 0x194c  scfilter - ok
18:26:50.0817 0x194c  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
18:26:50.0864 0x194c  Schedule - ok
18:26:50.0911 0x194c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:26:50.0973 0x194c  SCPolicySvc - ok
18:26:51.0020 0x194c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:26:51.0098 0x194c  SDRSVC - ok
18:26:51.0145 0x194c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:26:51.0176 0x194c  secdrv - ok
18:26:51.0223 0x194c  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
18:26:51.0317 0x194c  seclogon - ok
18:26:51.0348 0x194c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
18:26:51.0410 0x194c  SENS - ok
18:26:51.0441 0x194c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:26:51.0504 0x194c  SensrSvc - ok
18:26:51.0551 0x194c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:26:51.0551 0x194c  Serenum - ok
18:26:51.0597 0x194c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:26:51.0644 0x194c  Serial - ok
18:26:51.0722 0x194c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:26:51.0769 0x194c  sermouse - ok
18:26:51.0816 0x194c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
18:26:51.0878 0x194c  SessionEnv - ok
18:26:51.0925 0x194c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:26:51.0972 0x194c  sffdisk - ok
18:26:52.0003 0x194c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:26:52.0034 0x194c  sffp_mmc - ok
18:26:52.0065 0x194c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:26:52.0112 0x194c  sffp_sd - ok
18:26:52.0159 0x194c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
18:26:52.0206 0x194c  sfloppy - ok
18:26:52.0253 0x194c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:26:52.0331 0x194c  SharedAccess - ok
18:26:52.0393 0x194c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:26:52.0455 0x194c  ShellHWDetection - ok
18:26:52.0487 0x194c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:26:52.0487 0x194c  SiSRaid2 - ok
18:26:52.0549 0x194c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:26:52.0549 0x194c  SiSRaid4 - ok
18:26:52.0596 0x194c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:26:52.0658 0x194c  Smb - ok
18:26:52.0705 0x194c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:26:52.0721 0x194c  SNMPTRAP - ok
18:26:52.0752 0x194c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:26:52.0783 0x194c  spldr - ok
18:26:52.0861 0x194c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
18:26:52.0908 0x194c  Spooler - ok
18:26:53.0048 0x194c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
18:26:53.0173 0x194c  sppsvc - ok
18:26:53.0220 0x194c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:26:53.0298 0x194c  sppuinotify - ok
18:26:53.0329 0x194c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:26:53.0407 0x194c  srv - ok
18:26:53.0454 0x194c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:26:53.0485 0x194c  srv2 - ok
18:26:53.0516 0x194c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:26:53.0563 0x194c  srvnet - ok
18:26:53.0610 0x194c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:26:53.0735 0x194c  SSDPSRV - ok
18:26:53.0750 0x194c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:26:53.0781 0x194c  SstpSvc - ok
18:26:53.0875 0x194c  [ AAF6F247F1DC370C593B4430974EAD9C, 232D0D62EC83A5537ADB28B5DC01074BA812FE6C70C54F70CD7A5EF1BC19D3E1 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
18:26:53.0922 0x194c  ssudmdm - ok
18:26:53.0953 0x194c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
18:26:53.0969 0x194c  stexstor - ok
18:26:54.0031 0x194c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
18:26:54.0078 0x194c  stisvc - ok
18:26:54.0125 0x194c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
18:26:54.0140 0x194c  swenum - ok
18:26:54.0171 0x194c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
18:26:54.0218 0x194c  swprv - ok
18:26:54.0281 0x194c  [ EF51B22706DB03F0857FADE127C804EC, F3A97B8D94E96ACF93448CDF33DED97B076C3D8FFE42E9EAD088EE662306277B ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
18:26:54.0327 0x194c  SynTP - ok
18:26:54.0421 0x194c  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
18:26:54.0530 0x194c  SysMain - ok
18:26:54.0577 0x194c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:26:54.0593 0x194c  TabletInputService - ok
18:26:54.0624 0x194c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:26:54.0671 0x194c  TapiSrv - ok
18:26:54.0717 0x194c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
18:26:54.0733 0x194c  TBS - ok
18:26:54.0842 0x194c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:26:54.0905 0x194c  Tcpip - ok
18:26:54.0967 0x194c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:26:55.0014 0x194c  TCPIP6 - ok
18:26:55.0061 0x194c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:26:55.0092 0x194c  tcpipreg - ok
18:26:55.0123 0x194c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:26:55.0170 0x194c  TDPIPE - ok
18:26:55.0232 0x194c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:26:55.0248 0x194c  TDTCP - ok
18:26:55.0310 0x194c  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:26:55.0357 0x194c  tdx - ok
18:26:55.0388 0x194c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
18:26:55.0404 0x194c  TermDD - ok
18:26:55.0497 0x194c  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
18:26:55.0575 0x194c  TermService - ok
18:26:55.0607 0x194c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
18:26:55.0638 0x194c  Themes - ok
18:26:55.0669 0x194c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
18:26:55.0700 0x194c  THREADORDER - ok
18:26:55.0731 0x194c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
18:26:55.0763 0x194c  TrkWks - ok
18:26:55.0809 0x194c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:26:55.0856 0x194c  TrustedInstaller - ok
18:26:55.0887 0x194c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:26:55.0903 0x194c  tssecsrv - ok
18:26:55.0950 0x194c  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:26:55.0981 0x194c  TsUsbFlt - ok
18:26:56.0059 0x194c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:26:56.0106 0x194c  tunnel - ok
18:26:56.0153 0x194c  [ 48743B69EA47C020A792D8649F753F44, 58BFF60271F62F5CB02A1181F44E94C230DF4A6EC5C072A476B2BED13239A70C ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
18:26:56.0168 0x194c  TurboB - ok
18:26:56.0184 0x194c  [ 759F59E3EA3802FF23F93DCDB6FE9171, DB5A6C1EDA10380C14A8C318D6C65ED691C36F726A6A20DB3038D8F55F1B76D8 ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
18:26:56.0199 0x194c  TurboBoost - ok
18:26:56.0231 0x194c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
18:26:56.0231 0x194c  uagp35 - ok
18:26:56.0246 0x194c  [ A17D5E1A6DF4EAB0A480F2C490DE4C9D, 1EA835F172B6BF3D7F496E079DF1CDF00122B2110C08D61427582BC9405D2B7B ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
18:26:56.0262 0x194c  UBHelper - ok
18:26:56.0324 0x194c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:26:56.0387 0x194c  udfs - ok
18:26:56.0402 0x194c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:26:56.0433 0x194c  UI0Detect - ok
18:26:56.0465 0x194c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:26:56.0480 0x194c  uliagpkx - ok
18:26:56.0543 0x194c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
18:26:56.0574 0x194c  umbus - ok
18:26:56.0605 0x194c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
18:26:56.0636 0x194c  UmPass - ok
18:26:56.0823 0x194c  [ FDF92EC84FECEE834FB10A2A0A19BCDA, F81FCA3BEC10C84335DBAD9D2CDAB98C62252A864F23BDD482F97F86D5FA0B15 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:26:56.0901 0x194c  UNS - ok
18:26:56.0948 0x194c  [ F9EC9ACD504D823D9B9CA98A4F8D3CA2, 58DAD5111C598F14CB199FE6A61FA5918F29513B778A8664FD05EFAB3C665D4F ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
18:26:56.0964 0x194c  Updater Service - ok
18:26:56.0995 0x194c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
18:26:57.0042 0x194c  upnphost - ok
18:26:57.0104 0x194c  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
18:26:57.0151 0x194c  USBAAPL64 - ok
18:26:57.0198 0x194c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:26:57.0213 0x194c  usbccgp - ok
18:26:57.0276 0x194c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:26:57.0323 0x194c  usbcir - ok
18:26:57.0369 0x194c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
18:26:57.0385 0x194c  usbehci - ok
18:26:57.0432 0x194c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:26:57.0447 0x194c  usbhub - ok
18:26:57.0463 0x194c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:26:57.0479 0x194c  usbohci - ok
18:26:57.0510 0x194c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:26:57.0525 0x194c  usbprint - ok
18:26:57.0588 0x194c  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
18:26:57.0603 0x194c  usbscan - ok
18:26:57.0650 0x194c  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:26:57.0697 0x194c  USBSTOR - ok
18:26:57.0744 0x194c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
18:26:57.0759 0x194c  usbuhci - ok
18:26:57.0822 0x194c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
18:26:57.0884 0x194c  usbvideo - ok
18:26:57.0947 0x194c  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
18:26:57.0962 0x194c  usb_rndisx - ok
18:26:57.0993 0x194c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
18:26:58.0025 0x194c  UxSms - ok
18:26:58.0040 0x194c  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] VaultSvc        C:\Windows\system32\lsass.exe
18:26:58.0040 0x194c  VaultSvc - ok
18:26:58.0103 0x194c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:26:58.0103 0x194c  vdrvroot - ok
18:26:58.0227 0x194c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
18:26:58.0274 0x194c  vds - ok
18:26:58.0321 0x194c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:26:58.0352 0x194c  vga - ok
18:26:58.0383 0x194c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:26:58.0430 0x194c  VgaSave - ok
18:26:58.0477 0x194c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:26:58.0493 0x194c  vhdmp - ok
18:26:58.0555 0x194c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:26:58.0555 0x194c  viaide - ok
18:26:58.0571 0x194c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:26:58.0586 0x194c  volmgr - ok
18:26:58.0633 0x194c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:26:58.0649 0x194c  volmgrx - ok
18:26:58.0680 0x194c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:26:58.0695 0x194c  volsnap - ok
18:26:58.0727 0x194c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
18:26:58.0727 0x194c  vsmraid - ok
18:26:58.0805 0x194c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
18:26:58.0883 0x194c  VSS - ok
18:26:58.0898 0x194c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
18:26:58.0945 0x194c  vwifibus - ok
18:26:58.0992 0x194c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:26:59.0023 0x194c  vwififlt - ok
18:26:59.0070 0x194c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
18:26:59.0085 0x194c  vwifimp - ok
18:26:59.0132 0x194c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
18:26:59.0195 0x194c  W32Time - ok
18:26:59.0210 0x194c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
18:26:59.0226 0x194c  WacomPen - ok
18:26:59.0288 0x194c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:26:59.0335 0x194c  WANARP - ok
18:26:59.0351 0x194c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:26:59.0366 0x194c  Wanarpv6 - ok
18:26:59.0444 0x194c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
18:26:59.0491 0x194c  wbengine - ok
18:26:59.0538 0x194c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:26:59.0569 0x194c  WbioSrvc - ok
18:26:59.0709 0x194c  [ B995CB950BBB00DB2BC7D02D693E5CC7, 6096A2C564B8A3263956BA2818B41D9CF37E29E3595638E48673A5D6705F7774 ] WCAssistantService C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
18:26:59.0725 0x194c  WCAssistantService - ok
18:26:59.0772 0x194c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:26:59.0819 0x194c  wcncsvc - ok
18:26:59.0850 0x194c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:26:59.0897 0x194c  WcsPlugInService - ok
18:26:59.0928 0x194c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
18:26:59.0928 0x194c  Wd - ok
18:27:00.0006 0x194c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:27:00.0037 0x194c  Wdf01000 - ok
18:27:00.0068 0x194c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:27:00.0115 0x194c  WdiServiceHost - ok
18:27:00.0115 0x194c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:27:00.0131 0x194c  WdiSystemHost - ok
18:27:00.0193 0x194c  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
18:27:00.0224 0x194c  WebClient - ok
18:27:00.0255 0x194c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:27:00.0302 0x194c  Wecsvc - ok
18:27:00.0333 0x194c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:27:00.0380 0x194c  wercplsupport - ok
18:27:00.0411 0x194c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:27:00.0443 0x194c  WerSvc - ok
18:27:00.0474 0x194c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:27:00.0505 0x194c  WfpLwf - ok
18:27:00.0521 0x194c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:27:00.0521 0x194c  WIMMount - ok
18:27:00.0552 0x194c  WinDefend - ok
18:27:00.0567 0x194c  WinHttpAutoProxySvc - ok
18:27:00.0614 0x194c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:27:00.0661 0x194c  Winmgmt - ok
18:27:00.0739 0x194c  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
18:27:00.0833 0x194c  WinRM - ok
18:27:00.0911 0x194c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
18:27:00.0926 0x194c  WinUsb - ok
18:27:00.0973 0x194c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:27:01.0020 0x194c  Wlansvc - ok
18:27:01.0238 0x194c  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:27:01.0301 0x194c  wlidsvc - ok
18:27:01.0347 0x194c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:27:01.0379 0x194c  WmiAcpi - ok
18:27:01.0410 0x194c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:27:01.0425 0x194c  wmiApSrv - ok
18:27:01.0441 0x194c  WMPNetworkSvc - ok
18:27:01.0472 0x194c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:27:01.0488 0x194c  WPCSvc - ok
18:27:01.0535 0x194c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:27:01.0566 0x194c  WPDBusEnum - ok
18:27:01.0581 0x194c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:27:01.0628 0x194c  ws2ifsl - ok
18:27:01.0675 0x194c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
18:27:01.0722 0x194c  wscsvc - ok
18:27:01.0722 0x194c  WSearch - ok
18:27:01.0847 0x194c  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:27:01.0956 0x194c  wuauserv - ok
18:27:02.0003 0x194c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:27:02.0065 0x194c  WudfPf - ok
18:27:02.0096 0x194c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:27:02.0112 0x194c  WUDFRd - ok
18:27:02.0127 0x194c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:27:02.0159 0x194c  wudfsvc - ok
18:27:02.0205 0x194c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:27:02.0221 0x194c  WwanSvc - ok
18:27:02.0237 0x194c  ================ Scan global ===============================
18:27:02.0283 0x194c  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
18:27:02.0361 0x194c  [ DE4812AB2E6926D0FF2423F3B774585A, 77604B47F2A91F77DDF778D8D362A0145636ED060596760ED55D76DD12E04B79 ] C:\Windows\system32\winsrv.dll
18:27:02.0377 0x194c  [ DE4812AB2E6926D0FF2423F3B774585A, 77604B47F2A91F77DDF778D8D362A0145636ED060596760ED55D76DD12E04B79 ] C:\Windows\system32\winsrv.dll
18:27:02.0408 0x194c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:27:02.0486 0x194c  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
18:27:02.0502 0x194c  [ Global ] - ok
18:27:02.0502 0x194c  ================ Scan MBR ==================================
18:27:02.0517 0x194c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:27:03.0500 0x194c  \Device\Harddisk0\DR0 - ok
18:27:03.0500 0x194c  ================ Scan VBR ==================================
18:27:03.0516 0x194c  [ AB2486A0FA37443338421535893287BB ] \Device\Harddisk0\DR0\Partition1
18:27:03.0547 0x194c  \Device\Harddisk0\DR0\Partition1 - ok
18:27:03.0563 0x194c  [ F3C5EFBC5666F01E270C48867AFF080D ] \Device\Harddisk0\DR0\Partition2
18:27:03.0594 0x194c  \Device\Harddisk0\DR0\Partition2 - ok
18:27:03.0594 0x194c  ================ Scan generic autorun ======================
18:27:03.0672 0x194c  [ 5FDFB8E924219645DD26D0FC378F8182, F704AED82B60D1B38E523E46F9788A65EF50D58439784DA6BF90E1C299994652 ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
18:27:03.0703 0x194c  Acer ePower Management - ok
18:27:04.0093 0x194c  [ 238283A703AB55EA96168C81994671A5, 96FA85C882BDC0DF1B2207C9EB932FB2EA016E3C649FF1076DE7F0F83E258308 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
18:27:04.0187 0x0ee4  Object required for P2P: [ 63282F5EB7E5BFB58FD1EC93C6ADB457 ] MozillaMaintenance
18:27:04.0343 0x194c  RtHDVCpl - ok
18:27:04.0483 0x194c  [ BC5FA33CFDF1769C60FE89A7F8AA29B2, CCD36D9C4008B9AE425BB31517FF139D8E0C7DBB0D052AADE71D48936D164956 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
18:27:04.0530 0x194c  RtHDVBg - ok
18:27:04.0545 0x194c  IntelTBRunOnce - ok
18:27:04.0545 0x194c  SynTPEnh - ok
18:27:04.0686 0x194c  [ 5B72629C8144D1A96490D4C090D28DA1, 114891B9E7E05D2B86C8E3CD7B4096088491E338C3B1902F9352D40B47DD418C ] c:\Program Files\Microsoft IntelliPoint\ipoint.exe
18:27:04.0748 0x194c  IntelliPoint - ok
18:27:04.0873 0x194c  [ 68D45D36DD827738A2F2E8E21E53C193, C51BA0A2A40D320663BE5BF2519A61B831E12FEBB349E638246E87408AD02B84 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
18:27:04.0935 0x194c  CanonMyPrinter - ok
18:27:05.0045 0x194c  [ DD7B4F9E6B71A599FEF4BD9DA0AE57C2, 6B22356F74F7ED069A3FC39C62326AA98A70D0E860A2EB29A6C46F4077FB567A ] c:\Program Files\Microsoft Security Client\msseces.exe
18:27:05.0091 0x194c  MSC - ok
18:27:05.0185 0x194c  [ CC9823AA6E3F6229CD6DA193551314A5, 76BCD2BCA391C2114BF9D28FA290D9B39D16379C410070E0E3A6376FDEE51CE1 ] C:\Program Files\iTunes\iTunesHelper.exe
18:27:05.0201 0x194c  iTunesHelper - ok
18:27:05.0247 0x194c  [ C0B97E53A0E39A48EEA2DCD500EEA07A, 111FBD91850E52E61E6A4D8065BF56C9C6B89C55BA6312F726125F1CE4B09EE1 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
18:27:05.0263 0x194c  IAStorIcon - ok
18:27:05.0357 0x194c  [ DED59B9CAFB20D0ABC4F15574209E09C, EB945F125C46316F8D1A4DA9039485A9223E77CAD6AF7E60E3EDF6644CF098CC ] C:\Program Files (x86)\Launch Manager\LManager.exe
18:27:05.0403 0x194c  LManager - ok
18:27:05.0481 0x194c  [ 4DDE3E01B5020B3D5DEEC7E3DC0F3185, C7315F3521EE461027A3DDE7CFC0EA4F8E705A98F9292284BB20620D7F34DDE9 ] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
18:27:05.0513 0x194c  BackupManagerTray - ok
18:27:05.0544 0x194c  [ 51C8885B6A00904C0252704C9FB0F43A, BF2F58E6697DB10F3D6FB3859FADC2CE1D3CDD318E487E02FDC2BE171AF6CA29 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
18:27:05.0544 0x194c  NUSB3MON - ok
18:27:05.0622 0x194c  [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe
18:27:05.0637 0x194c  MDS_Menu - ok
18:27:05.0731 0x194c  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
18:27:05.0762 0x194c  BCSSync - ok
18:27:05.0871 0x194c  [ 07447CE7F63DB2904AB0D3431A3EB2E5, F2F0F864171A78B65F12338F0DEB867E0C83D1484FFD0B08150B42CE37ACAB5A ] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
18:27:05.0903 0x194c  ProductUpdater - detected UnsignedFile.Multi.Generic ( 1 )
18:27:06.0761 0x0ee4  Object send P2P result: true
18:27:06.0761 0x0ee4  Object required for P2P: [ DA0FAEE45D6F03D7647851A20977A7D0 ] MpFilter
18:27:08.0352 0x194c  ProductUpdater ( UnsignedFile.Multi.Generic ) - warning
18:27:10.0901 0x194c  [ C9B67BCB8E384064A8C2263740B0C437, F2609406A84F3A8E256DD250F84A774EF43F92C9F8B373E297A99ACF95B3CCE4 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
18:27:10.0932 0x194c  SunJavaUpdateSched - ok
18:27:11.0135 0x194c  [ B66E0842FCF485F3E2D41BF0BA10966F, 966B8386B2D060167E8EAAE478509013A8729FE2CF11F890D3F9DCDA90768F34 ] C:\Users\Anja Könemann-Meyer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
18:27:11.0182 0x194c  Spotify Web Helper - ok
18:27:11.0291 0x194c  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Anja Könemann-Meyer\AppData\Local\Dropbox\Update\DropboxUpdate.exe
18:27:11.0322 0x194c  Dropbox Update - ok
18:27:11.0400 0x194c  [ 06F6DB72ADABC5E858F38EF69014CE52, B4AEABF3EA6FCABBED879D642BA070DF9C244E28DB5BDC3211205C7B8DB97BFB ] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
18:27:11.0431 0x194c  OfficeSyncProcess - ok
18:27:11.0431 0x194c  Waiting for KSN requests completion. In queue: 256
18:27:11.0525 0x25b4  Object required for P2P: [ 68D45D36DD827738A2F2E8E21E53C193 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
18:27:12.0445 0x194c  Waiting for KSN requests completion. In queue: 246
18:27:12.0757 0x0ee4  Object send P2P result: true
18:27:12.0773 0x0ee4  Object required for P2P: [ 6D79C8CB73187FBEAAD1F680FADF98D3 ] NisDrv
18:27:13.0459 0x194c  Waiting for KSN requests completion. In queue: 202
18:27:14.0099 0x25b4  Object send P2P result: true
18:27:14.0473 0x194c  Waiting for KSN requests completion. In queue: 189
18:27:15.0347 0x0ee4  Object send P2P result: true
18:27:15.0378 0x0ee4  Object required for P2P: [ B995CB950BBB00DB2BC7D02D693E5CC7 ] WCAssistantService
18:27:15.0487 0x194c  Waiting for KSN requests completion. In queue: 23
         


Alt 22.04.2016, 17:35   #6
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt - Standard

WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt



Bitte Log vollständig posten, zur Not auf zwei Posts aufteilen...
__________________
--> WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt

Alt 22.04.2016, 17:41   #7
A-und-T
 
WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt - Standard

WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt



Moin,

danke für die erneut schnelle Rückmeldung. Hier Teil 1:

Code:
ATTFilter
18:25:38.0237 0x2518  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
18:25:40.0617 0x2518  ============================================================
18:25:40.0617 0x2518  Current date / time: 2016/04/22 18:25:40.0617
18:25:40.0617 0x2518  SystemInfo:
18:25:40.0617 0x2518  
18:25:40.0617 0x2518  OS Version: 6.1.7601 ServicePack: 1.0
18:25:40.0617 0x2518  Product type: Workstation
18:25:40.0617 0x2518  ComputerName: ANJAKÖNEMANN
18:25:40.0618 0x2518  UserName: Anja Könemann-Meyer
18:25:40.0618 0x2518  Windows directory: C:\Windows
18:25:40.0618 0x2518  System windows directory: C:\Windows
18:25:40.0618 0x2518  Running under WOW64
18:25:40.0618 0x2518  Processor architecture: Intel x64
18:25:40.0618 0x2518  Number of processors: 4
18:25:40.0618 0x2518  Page size: 0x1000
18:25:40.0618 0x2518  Boot type: Normal boot
18:25:40.0618 0x2518  ============================================================
18:25:40.0726 0x2518  KLMD registered as C:\Windows\system32\drivers\33704797.sys
18:25:41.0666 0x2518  System UUID: {CBE1F9E8-A01A-BD5E-5D46-27C9C1940AAB}
18:25:42.0191 0x2518  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:25:42.0195 0x2518  ============================================================
18:25:42.0195 0x2518  \Device\Harddisk0\DR0:
18:25:42.0195 0x2518  MBR partitions:
18:25:42.0195 0x2518  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
18:25:42.0195 0x2518  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x55713000
18:25:42.0195 0x2518  ============================================================
18:25:42.0224 0x2518  C: <-> \Device\Harddisk0\DR0\Partition2
18:25:42.0224 0x2518  ============================================================
18:25:42.0224 0x2518  Initialize success
18:25:42.0224 0x2518  ============================================================
18:26:13.0221 0x194c  ============================================================
18:26:13.0237 0x194c  Scan started
18:26:13.0237 0x194c  Mode: Manual; SigCheck; TDLFS; 
18:26:13.0237 0x194c  ============================================================
18:26:13.0237 0x194c  KSN ping started
18:26:15.0639 0x194c  KSN ping finished: true
18:26:16.0388 0x194c  ================ Scan system memory ========================
18:26:16.0388 0x194c  System memory - ok
18:26:16.0388 0x194c  ================ Scan services =============================
18:26:16.0653 0x194c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:26:16.0762 0x194c  1394ohci - ok
18:26:16.0809 0x194c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:26:16.0825 0x194c  ACPI - ok
18:26:16.0887 0x194c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:26:16.0981 0x194c  AcpiPmi - ok
18:26:17.0152 0x194c  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:26:17.0152 0x194c  AdobeARMservice - ok
18:26:17.0262 0x194c  [ 28FFB14117CCEDD7D2F124596AA9B785, 8FC482C6444C904B5536979B3354597FD714634EC7372B464118C42AA9DCB58A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:26:17.0277 0x194c  AdobeFlashPlayerUpdateSvc - ok
18:26:17.0324 0x194c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:26:17.0340 0x194c  adp94xx - ok
18:26:17.0371 0x194c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:26:17.0386 0x194c  adpahci - ok
18:26:17.0418 0x194c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:26:17.0433 0x194c  adpu320 - ok
18:26:17.0480 0x194c  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:26:17.0527 0x194c  AeLookupSvc - ok
18:26:17.0620 0x194c  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
18:26:17.0683 0x194c  AFD - ok
18:26:17.0730 0x194c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
18:26:17.0745 0x194c  agp440 - ok
18:26:17.0776 0x194c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
18:26:17.0792 0x194c  ALG - ok
18:26:17.0839 0x194c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:26:17.0854 0x194c  aliide - ok
18:26:17.0886 0x194c  [ 9CB927E76D3F65A02741A4D9A690178C, F94A931B3C8E94B54ED8D9F341D4DD5E21B27D681B3E418AC775684BF30C54DC ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:26:17.0948 0x194c  AMD External Events Utility - ok
18:26:18.0010 0x194c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
18:26:18.0026 0x194c  amdide - ok
18:26:18.0057 0x194c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:26:18.0088 0x194c  AmdK8 - ok
18:26:18.0338 0x194c  [ B8660FB5431F136635FB6446AC67FAAE, 08D2C124530169579BF2BE7E6975AED57683A00FAC1945897AFC6822F7D51D2D ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
18:26:18.0510 0x194c  amdkmdag - ok
18:26:18.0619 0x194c  [ 5FC9D833F726383D9D60205F5A3CF16B, 0A5A4A63FF2224E5CF72C7C7DA82C2FD4B2BEE5EED5C5F63D25370F5560105EE ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
18:26:18.0666 0x194c  amdkmdap - ok
18:26:18.0712 0x194c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:26:18.0744 0x194c  AmdPPM - ok
18:26:18.0790 0x194c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:26:18.0806 0x194c  amdsata - ok
18:26:18.0837 0x194c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:26:18.0837 0x194c  amdsbs - ok
18:26:18.0853 0x194c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:26:18.0868 0x194c  amdxata - ok
18:26:18.0915 0x194c  [ 4887E13C3154816A9503E34FC05F2804, CA05D85C3B63EEB2836D50FF99CDA70DC56D7F67B4296EC50A7D250BBA2F57C4 ] AnyDVD          C:\Windows\system32\Drivers\AnyDVD.sys
18:26:18.0931 0x194c  AnyDVD - ok
18:26:19.0009 0x194c  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
18:26:19.0056 0x194c  AppID - ok
18:26:19.0071 0x194c  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:26:19.0102 0x194c  AppIDSvc - ok
18:26:19.0149 0x194c  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
18:26:19.0180 0x194c  Appinfo - ok
18:26:19.0336 0x194c  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:26:19.0368 0x194c  Apple Mobile Device Service - ok
18:26:19.0430 0x194c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:26:19.0461 0x194c  arc - ok
18:26:19.0477 0x194c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:26:19.0492 0x194c  arcsas - ok
18:26:19.0633 0x194c  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:26:19.0664 0x194c  aspnet_state - ok
18:26:19.0695 0x194c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:26:19.0804 0x194c  AsyncMac - ok
18:26:19.0882 0x194c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:26:19.0898 0x194c  atapi - ok
18:26:20.0023 0x194c  [ E642491F64E58CD5BC8FB8B347DCF65F, D457175EF3A0552CEA3DA78E7116D54BC2BF157857A8B764597B51FB4E29C033 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
18:26:20.0085 0x194c  athr - ok
18:26:20.0116 0x194c  [ 2D648572BA9A610952FCAFBA1E119C2D, 4CD7E7D3C878DEF8CC18A925EAB1E0E8E8893BE99DA1E1F78FE9AD12EF1C48BC ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
18:26:20.0116 0x194c  AtiHdmiService - ok
18:26:20.0226 0x194c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:26:20.0319 0x194c  AudioEndpointBuilder - ok
18:26:20.0335 0x194c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:26:20.0366 0x194c  AudioSrv - ok
18:26:20.0444 0x194c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:26:20.0553 0x194c  AxInstSV - ok
18:26:20.0647 0x194c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
18:26:20.0725 0x194c  b06bdrv - ok
18:26:20.0756 0x194c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:26:20.0803 0x194c  b57nd60a - ok
18:26:20.0834 0x194c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:26:20.0912 0x194c  BDESVC - ok
18:26:20.0943 0x194c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:26:21.0021 0x194c  Beep - ok
18:26:21.0130 0x194c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
18:26:21.0208 0x194c  BFE - ok
18:26:21.0302 0x194c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
18:26:21.0442 0x194c  BITS - ok
18:26:21.0489 0x194c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:26:21.0536 0x194c  blbdrive - ok
18:26:21.0614 0x194c  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:26:21.0645 0x194c  Bonjour Service - ok
18:26:21.0676 0x194c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:26:21.0708 0x194c  bowser - ok
18:26:21.0739 0x194c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:26:21.0770 0x194c  BrFiltLo - ok
18:26:21.0786 0x194c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:26:21.0801 0x194c  BrFiltUp - ok
18:26:21.0848 0x194c  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
18:26:21.0879 0x194c  BridgeMP - ok
18:26:21.0926 0x194c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
18:26:21.0973 0x194c  Browser - ok
18:26:22.0004 0x194c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:26:22.0051 0x194c  Brserid - ok
18:26:22.0082 0x194c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:26:22.0113 0x194c  BrSerWdm - ok
18:26:22.0144 0x194c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:26:22.0176 0x194c  BrUsbMdm - ok
18:26:22.0191 0x194c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:26:22.0207 0x194c  BrUsbSer - ok
18:26:22.0222 0x194c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:26:22.0238 0x194c  BTHMODEM - ok
18:26:22.0269 0x194c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
18:26:22.0316 0x194c  bthserv - ok
18:26:22.0347 0x194c  catchme - ok
18:26:22.0378 0x194c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:26:22.0441 0x194c  cdfs - ok
18:26:22.0519 0x194c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:26:22.0550 0x194c  cdrom - ok
18:26:22.0612 0x194c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:26:22.0644 0x194c  CertPropSvc - ok
18:26:22.0690 0x194c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:26:22.0737 0x194c  circlass - ok
18:26:22.0784 0x194c  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
18:26:22.0800 0x194c  CLFS - ok
18:26:22.0909 0x194c  [ 7AD6AD732247CC3D7A943465748C0D47, 5A1DD728077DE2B5FAFD0B3F51DF38E256C153A20F9CF571F2BB387507AD2088 ] CLKMSVC10_34E30CCC C:\Program Files (x86)\Acer\clear.fi\Movie\NavFilter\kmsvc.exe
18:26:22.0924 0x194c  CLKMSVC10_34E30CCC - ok
18:26:22.0987 0x194c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:26:23.0002 0x194c  clr_optimization_v2.0.50727_32 - ok
18:26:23.0034 0x194c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:26:23.0049 0x194c  clr_optimization_v2.0.50727_64 - ok
18:26:23.0143 0x194c  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:26:23.0158 0x194c  clr_optimization_v4.0.30319_32 - ok
18:26:23.0174 0x194c  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:26:23.0190 0x194c  clr_optimization_v4.0.30319_64 - ok
18:26:23.0236 0x194c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:26:23.0283 0x194c  CmBatt - ok
18:26:23.0314 0x194c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:26:23.0346 0x194c  cmdide - ok
18:26:23.0455 0x194c  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG             C:\Windows\system32\Drivers\cng.sys
18:26:23.0486 0x194c  CNG - ok
18:26:23.0658 0x194c  [ 360959BBD4F451E1AB811F4304232766, 7BAA78590F2F656DC8D8C31EEDB7ED17B55C5EB3218A60A0EB90AFA323C01BCA ] CodeMeter.exe   C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
18:26:23.0720 0x194c  CodeMeter.exe - ok
18:26:23.0767 0x194c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:26:23.0767 0x194c  Compbatt - ok
18:26:23.0829 0x194c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:26:23.0892 0x194c  CompositeBus - ok
18:26:23.0923 0x194c  COMSysApp - ok
18:26:23.0938 0x194c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:26:23.0954 0x194c  crcdisk - ok
18:26:24.0016 0x194c  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:26:24.0079 0x194c  CryptSvc - ok
18:26:24.0172 0x194c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:26:24.0251 0x194c  DcomLaunch - ok
18:26:24.0329 0x194c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
18:26:24.0391 0x194c  defragsvc - ok
18:26:24.0438 0x194c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:26:24.0485 0x194c  DfsC - ok
18:26:24.0563 0x194c  [ E428DFFA96FAD07D8CA3C9082563A225, F3D2E94A9FF2CF68CC99A8B42B8DEA5E57D46000D1845DC0908224493480C79F ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
18:26:24.0578 0x194c  dg_ssudbus - ok
18:26:24.0641 0x194c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:26:24.0703 0x194c  Dhcp - ok
18:26:24.0812 0x194c  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
18:26:24.0890 0x194c  DiagTrack - ok
18:26:24.0906 0x194c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
18:26:24.0953 0x194c  discache - ok
18:26:24.0999 0x194c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:26:25.0031 0x194c  Disk - ok
18:26:25.0046 0x194c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:26:25.0077 0x194c  Dnscache - ok
18:26:25.0124 0x194c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:26:25.0171 0x194c  dot3svc - ok
18:26:25.0187 0x194c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
18:26:25.0233 0x194c  DPS - ok
18:26:25.0311 0x194c  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:26:25.0358 0x194c  drmkaud - ok
18:26:25.0405 0x194c  [ 470F7F19188AB45463F8B612D6DDE7C8, 4D25C534B2458CBC810C751F3FD7CE7ACE9E17CCD1415FB70D88A5BC4794EA09 ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
18:26:25.0421 0x194c  DsiWMIService - ok
18:26:25.0530 0x194c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:26:25.0561 0x194c  DXGKrnl - ok
18:26:25.0608 0x194c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
18:26:25.0655 0x194c  EapHost - ok
18:26:25.0795 0x194c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
18:26:25.0904 0x194c  ebdrv - ok
18:26:25.0951 0x194c  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] EFS             C:\Windows\System32\lsass.exe
18:26:26.0029 0x194c  EFS - ok
18:26:26.0123 0x194c  [ 03E6888DA1A85ACF14AC2A3C328A9E62, 120A7A10F6DAC991B91BFEC5430FD9F929E173AB513891B229F19A9BA4EC3998 ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
18:26:26.0154 0x194c  EgisTec Ticket Service - ok
18:26:26.0279 0x194c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:26:26.0341 0x194c  ehRecvr - ok
18:26:26.0403 0x194c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
18:26:26.0450 0x194c  ehSched - ok
18:26:26.0466 0x194c  [ BDD265EEB37DF5953A547FE412E2472F, 17EB4FD54D62207937F8CA7454837DBF1EEC867AEDAF201FC2E839A3ED357F4F ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
18:26:26.0481 0x194c  ElbyCDIO - ok
18:26:26.0528 0x194c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
18:26:26.0559 0x194c  elxstor - ok
18:26:26.0606 0x194c  [ 8E12D885D17EC5FA4F52D2C6E953E285, A39F9FF88A6401030FCDE47E4504A297FB590751C74627181EC42F1E298CED8E ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
18:26:26.0637 0x194c  ePowerSvc - ok
18:26:26.0700 0x194c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:26:26.0715 0x194c  ErrDev - ok
18:26:26.0762 0x194c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
18:26:26.0809 0x194c  EventSystem - ok
18:26:26.0871 0x194c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
18:26:26.0949 0x194c  exfat - ok
18:26:26.0981 0x194c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:26:27.0027 0x194c  fastfat - ok
18:26:27.0137 0x194c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
18:26:27.0215 0x194c  Fax - ok
18:26:27.0261 0x194c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:26:27.0324 0x194c  fdc - ok
18:26:27.0371 0x194c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
18:26:27.0464 0x194c  fdPHost - ok
18:26:27.0480 0x194c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:26:27.0542 0x194c  FDResPub - ok
18:26:27.0589 0x194c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:26:27.0589 0x194c  FileInfo - ok
18:26:27.0589 0x194c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:26:27.0651 0x194c  Filetrace - ok
18:26:27.0714 0x194c  [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:26:27.0729 0x194c  FLEXnet Licensing Service - ok
18:26:27.0776 0x194c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:26:27.0839 0x194c  flpydisk - ok
18:26:27.0901 0x194c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:26:27.0932 0x194c  FltMgr - ok
18:26:28.0041 0x194c  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
18:26:28.0135 0x194c  FontCache - ok
18:26:28.0213 0x194c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:26:28.0229 0x194c  FontCache3.0.0.0 - ok
18:26:28.0385 0x194c  [ 75F3D3CA2B3C4A93CC6042EC9B9B7C2A, B6D85420F1ADF027972BC78EAEA5E4F2F6D259E19E714B0B4DADF34BAC4C92E6 ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
18:26:28.0431 0x194c  Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 )
18:26:30.0959 0x194c  Freemake Improver ( UnsignedFile.Multi.Generic ) - warning
18:26:33.0486 0x194c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:26:33.0486 0x194c  FsDepends - ok
18:26:33.0517 0x194c  [ 8DE1B4F579F8F8897409856F3BB7A7D2, F6F6B2450951E875C3C236F7798F960FD4433EE6B0C57132CB3D32126BEE34E0 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
18:26:33.0533 0x194c  fssfltr - ok
18:26:33.0657 0x194c  [ 7B4C82899A967A7EB22DAB502770AE8E, 209FB59669070FCAAACB24B0CE81C375362BF1C519B15FDB5AA3EC2C87E2069B ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
18:26:33.0689 0x194c  fsssvc - ok
18:26:33.0735 0x194c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:26:33.0751 0x194c  Fs_Rec - ok
18:26:33.0798 0x194c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:26:33.0813 0x194c  fvevol - ok
18:26:33.0860 0x194c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:26:33.0860 0x194c  gagp30kx - ok
18:26:33.0907 0x194c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:26:33.0938 0x194c  GEARAspiWDM - ok
18:26:34.0001 0x194c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:26:34.0079 0x194c  gpsvc - ok
18:26:34.0141 0x194c  [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService     C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
18:26:34.0172 0x194c  GREGService - ok
18:26:34.0203 0x194c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:26:34.0266 0x194c  hcw85cir - ok
18:26:34.0328 0x194c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:26:34.0375 0x194c  HdAudAddService - ok
18:26:34.0406 0x194c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:26:34.0437 0x194c  HDAudBus - ok
18:26:34.0469 0x194c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
18:26:34.0500 0x194c  HidBatt - ok
18:26:34.0515 0x194c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:26:34.0562 0x194c  HidBth - ok
18:26:34.0593 0x194c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:26:34.0625 0x194c  HidIr - ok
18:26:34.0656 0x194c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
18:26:34.0687 0x194c  hidserv - ok
18:26:34.0749 0x194c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:26:34.0796 0x194c  HidUsb - ok
18:26:34.0843 0x194c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:26:34.0890 0x194c  hkmsvc - ok
18:26:34.0921 0x194c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:26:34.0983 0x194c  HomeGroupListener - ok
18:26:35.0030 0x194c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:26:35.0061 0x194c  HomeGroupProvider - ok
18:26:35.0155 0x194c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:26:35.0171 0x194c  HpSAMD - ok
18:26:35.0264 0x194c  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:26:35.0327 0x194c  HTTP - ok
18:26:35.0373 0x194c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:26:35.0405 0x194c  hwpolicy - ok
18:26:35.0467 0x194c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:26:35.0483 0x194c  i8042prt - ok
18:26:35.0529 0x194c  [ F7CE9BE72EDAC499B713ECA6DAE5D26F, AF158C8ADF0815C406435AB051C8D8DD0ECBDBA8644CB75D7611980D70662193 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
18:26:35.0561 0x194c  iaStor - ok
18:26:35.0623 0x194c  [ B25F192EA1F84A316EB7C19EFCCCF33D, 00BACE87CCA40722FF3AD7243439201CDCC23D0BA01E25F928BF63DA12816F8F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:26:35.0639 0x194c  IAStorDataMgrSvc - ok
18:26:35.0670 0x194c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:26:35.0685 0x194c  iaStorV - ok
18:26:35.0779 0x194c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:26:35.0795 0x194c  idsvc - ok
18:26:35.0841 0x194c  IEEtwCollectorService - ok
18:26:35.0873 0x194c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:26:35.0873 0x194c  iirsp - ok
18:26:35.0982 0x194c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
18:26:36.0013 0x194c  IKEEXT - ok
18:26:36.0153 0x194c  [ F4C031439501F6C1D336A36D7CB58F4F, DAFE481F0AA5242E75A681706DA7D97D68E6A89FB31F3A298945CF7EA5DE4184 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:26:36.0216 0x194c  IntcAzAudAddService - ok
18:26:36.0263 0x194c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:26:36.0278 0x194c  intelide - ok
18:26:36.0309 0x194c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:26:36.0341 0x194c  intelppm - ok
18:26:36.0372 0x194c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:26:36.0419 0x194c  IPBusEnum - ok
18:26:36.0465 0x194c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:26:36.0528 0x194c  IpFilterDriver - ok
18:26:36.0590 0x194c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:26:36.0653 0x194c  iphlpsvc - ok
18:26:36.0699 0x194c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:26:36.0762 0x194c  IPMIDRV - ok
18:26:36.0793 0x194c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:26:36.0871 0x194c  IPNAT - ok
18:26:36.0980 0x194c  [ F96B9EDC032E61EB87652896E92ED526, F9E3CD2FA2D963C56034A4F606869467FDC6647B916CF457249270E6C337A8A5 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:26:37.0011 0x194c  iPod Service - ok
18:26:37.0027 0x194c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:26:37.0105 0x194c  IRENUM - ok
18:26:37.0121 0x194c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:26:37.0136 0x194c  isapnp - ok
18:26:37.0199 0x194c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:26:37.0230 0x194c  iScsiPrt - ok
18:26:37.0245 0x194c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
18:26:37.0261 0x194c  kbdclass - ok
18:26:37.0308 0x194c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
18:26:37.0323 0x194c  kbdhid - ok
18:26:37.0339 0x194c  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] KeyIso          C:\Windows\system32\lsass.exe
18:26:37.0355 0x194c  KeyIso - ok
18:26:37.0401 0x194c  [ 211A379BAAB812A7B437319BD85B2435, 4C8B82817B735BEFC0C8E2A42C7EF547D1C179561D3C97B3067B5EA3408F9E4D ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:26:37.0417 0x194c  KSecDD - ok
18:26:37.0433 0x194c  [ CC1B3B52F33CBC1CE60867DA4E23537C, A373DBCE6A53B77F59D9C83E243E5C1A2B4C38571CA28198229730D612561978 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:26:37.0448 0x194c  KSecPkg - ok
18:26:37.0464 0x194c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:26:37.0495 0x194c  ksthunk - ok
18:26:37.0526 0x194c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:26:37.0589 0x194c  KtmRm - ok
18:26:37.0620 0x194c  [ 0E154DA6CA9105354A07D0C576804037, 10A7F6E2A031C2D96B362411DCA2C347E7D7B6ADED9021674E0E633AB9F45D7B ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
18:26:37.0635 0x194c  L1C - ok
18:26:37.0698 0x194c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
18:26:37.0791 0x194c  LanmanServer - ok
18:26:37.0838 0x194c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:26:37.0916 0x194c  LanmanWorkstation - ok
18:26:38.0493 0x194c  [ 8FB6D64CB42E660C4534D38013D64A03, 11A6A914E8588DDFDE32D12A858BA8A31783B5DDB42C9E7FD0F237D57A437976 ] LavasoftTcpService C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
18:26:38.0571 0x194c  LavasoftTcpService - ok
18:26:38.0618 0x194c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:26:38.0712 0x194c  lltdio - ok
18:26:38.0759 0x194c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:26:38.0852 0x194c  lltdsvc - ok
18:26:38.0883 0x194c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:26:38.0930 0x194c  lmhosts - ok
18:26:39.0008 0x194c  [ 926EBA26A8B49D1597751CED06B50862, 886FC610E379BD77146ADDC376D77437D88B593C7F1C3FEE2B93D934A67310F8 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:26:39.0039 0x194c  LMS - ok
18:26:39.0071 0x194c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:26:39.0086 0x194c  LSI_FC - ok
18:26:39.0102 0x194c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:26:39.0102 0x194c  LSI_SAS - ok
18:26:39.0117 0x194c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:26:39.0133 0x194c  LSI_SAS2 - ok
18:26:39.0133 0x194c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:26:39.0149 0x194c  LSI_SCSI - ok
18:26:39.0180 0x194c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:26:39.0211 0x194c  luafv - ok
18:26:39.0258 0x194c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:26:39.0273 0x194c  Mcx2Svc - ok
18:26:39.0289 0x194c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:26:39.0305 0x194c  megasas - ok
18:26:39.0336 0x194c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:26:39.0351 0x194c  MegaSR - ok
18:26:39.0383 0x194c  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
18:26:39.0398 0x194c  MEIx64 - ok
18:26:39.0476 0x194c  Microsoft SharePoint Workspace Audit Service - ok
18:26:39.0539 0x194c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
18:26:39.0585 0x194c  MMCSS - ok
18:26:39.0617 0x194c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
18:26:39.0710 0x194c  Modem - ok
18:26:39.0757 0x194c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:26:39.0788 0x194c  monitor - ok
18:26:39.0866 0x194c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:26:39.0897 0x194c  mouclass - ok
18:26:39.0913 0x194c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:26:39.0960 0x194c  mouhid - ok
18:26:40.0022 0x194c  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:26:40.0053 0x194c  mountmgr - ok
18:26:40.0178 0x194c  [ 63282F5EB7E5BFB58FD1EC93C6ADB457, 25096C4AE319E854153C75DCEC0A67A63F6B05FDD0B49D4D373724B3BF55D665 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:26:40.0209 0x194c  MozillaMaintenance - ok
18:26:40.0319 0x194c  [ DA0FAEE45D6F03D7647851A20977A7D0, AFB1EA053CD4BCA903868896D020205D4C207C85314E6C56C4663922A3F9BD6A ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
18:26:40.0350 0x194c  MpFilter - ok
18:26:40.0365 0x194c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:26:40.0365 0x194c  mpio - ok
18:26:40.0397 0x194c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:26:40.0443 0x194c  mpsdrv - ok
18:26:40.0506 0x194c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:26:40.0553 0x194c  MpsSvc - ok
18:26:40.0615 0x194c  [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:26:40.0693 0x194c  MRxDAV - ok
18:26:40.0755 0x194c  [ 07F8F6B0CAEC7ADD30EBD94940A315D7, 288429A146B74E88D93C5BC19D878A42AC6F411EE31D9A6D36A2A2FFCF7B9436 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:26:40.0833 0x194c  mrxsmb - ok
18:26:40.0880 0x194c  [ 8856E45D23BFF4D977BF06D0543BCD96, 0066C061A3516A16C2477590859865E46E522A290CCE17C3EC1B69F81E466E9E ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:26:40.0927 0x194c  mrxsmb10 - ok
18:26:40.0989 0x194c  [ 8D383CED28332B5F3894658857472F47, CB3872543D08C6432CF884C11A5897637A6FC7E9AC40F424444BAAA49C9FC32A ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:26:41.0036 0x194c  mrxsmb20 - ok
18:26:41.0067 0x194c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:26:41.0099 0x194c  msahci - ok
18:26:41.0145 0x194c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:26:41.0177 0x194c  msdsm - ok
18:26:41.0192 0x194c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
18:26:41.0223 0x194c  MSDTC - ok
18:26:41.0270 0x194c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:26:41.0348 0x194c  Msfs - ok
18:26:41.0364 0x194c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:26:41.0395 0x194c  mshidkmdf - ok
18:26:41.0442 0x194c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:26:41.0473 0x194c  msisadrv - ok
18:26:41.0504 0x194c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:26:41.0582 0x194c  MSiSCSI - ok
18:26:41.0582 0x194c  msiserver - ok
18:26:41.0629 0x194c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:26:41.0660 0x194c  MSKSSRV - ok
18:26:41.0769 0x194c  [ C66FE30BBA4604A06EE9E4180ABE4BD9, 43E60C15C05FF19082142BB9D1F29D1B3269AD4A7FB32AF109AE63FE5A6AA0A9 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
18:26:41.0801 0x194c  MsMpSvc - ok
18:26:41.0847 0x194c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:26:41.0910 0x194c  MSPCLOCK - ok
18:26:41.0925 0x194c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:26:41.0988 0x194c  MSPQM - ok
18:26:42.0050 0x194c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:26:42.0081 0x194c  MsRPC - ok
18:26:42.0128 0x194c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:26:42.0159 0x194c  mssmbios - ok
18:26:42.0175 0x194c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:26:42.0222 0x194c  MSTEE - ok
18:26:42.0237 0x194c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:26:42.0269 0x194c  MTConfig - ok
18:26:42.0300 0x194c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
18:26:42.0315 0x194c  Mup - ok
18:26:42.0331 0x194c  [ 9B1EAC6FAF6F37305E822F5588DC8056, AE0DC044159BB03EE8A39AE0682C8F6A78D89AD5A6192E7006D75850ECD50E9D ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
18:26:42.0347 0x194c  mwlPSDFilter - ok
18:26:42.0362 0x194c  [ AD55C1524B296280ED9C6E0D730D35DA, 8E5F9652CFCB325E131CEB2E4871126EB6F940DF7894B2E7F8241F1EF69920ED ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
18:26:42.0362 0x194c  mwlPSDNServ - ok
18:26:42.0393 0x194c  [ 2B599E6EC8843637BDD62E7F8F3BA201, 51EE657FC6CA4F2BCC24573B27379231EF30920A559423A860A278C59F4B9F98 ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
18:26:42.0409 0x194c  mwlPSDVDisk - ok
18:26:42.0487 0x194c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
18:26:42.0581 0x194c  napagent - ok
18:26:42.0643 0x194c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:26:42.0705 0x194c  NativeWifiP - ok
18:26:42.0830 0x194c  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:26:42.0861 0x194c  NDIS - ok
18:26:42.0893 0x194c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:26:42.0971 0x194c  NdisCap - ok
18:26:43.0017 0x194c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:26:43.0033 0x194c  NdisTapi - ok
18:26:43.0095 0x194c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:26:43.0158 0x194c  Ndisuio - ok
18:26:43.0220 0x194c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:26:43.0298 0x194c  NdisWan - ok
18:26:43.0329 0x194c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:26:43.0392 0x194c  NDProxy - ok
18:26:43.0439 0x194c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:26:43.0532 0x194c  NetBIOS - ok
18:26:43.0610 0x194c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:26:43.0673 0x194c  NetBT - ok
18:26:43.0704 0x194c  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] Netlogon        C:\Windows\system32\lsass.exe
18:26:43.0704 0x194c  Netlogon - ok
18:26:43.0766 0x194c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
18:26:43.0813 0x194c  Netman - ok
18:26:43.0875 0x194c  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:26:43.0891 0x194c  NetMsmqActivator - ok
18:26:43.0907 0x194c  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:26:43.0907 0x194c  NetPipeActivator - ok
18:26:43.0985 0x194c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
18:26:44.0078 0x194c  netprofm - ok
18:26:44.0109 0x194c  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:26:44.0125 0x194c  NetTcpActivator - ok
18:26:44.0125 0x194c  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:26:44.0141 0x194c  NetTcpPortSharing - ok
18:26:44.0172 0x194c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:26:44.0187 0x194c  nfrd960 - ok
18:26:44.0250 0x194c  [ 6D79C8CB73187FBEAAD1F680FADF98D3, 0075B2CCC4FFF929023F95686D7BBE32C0FCE05DEB2159C0784AF85D64E1B66E ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
18:26:44.0281 0x194c  NisDrv - ok
18:26:44.0375 0x194c  [ B8F4F580638373FBF72F2B572446D294, A5CD9ABCA5CDC335D2C6FDCB81327B600150E45BB867B88859A00AF974B42F85 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
18:26:44.0406 0x194c  NisSrv - ok
18:26:44.0453 0x194c  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:26:44.0546 0x194c  NlaSvc - ok
18:26:44.0593 0x194c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:26:44.0640 0x194c  Npfs - ok
18:26:44.0671 0x194c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
18:26:44.0749 0x194c  nsi - ok
18:26:44.0796 0x194c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:26:44.0889 0x194c  nsiproxy - ok
18:26:44.0967 0x194c  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:26:45.0014 0x194c  Ntfs - ok
18:26:45.0108 0x194c  [ D27A4546417ED7C4AEA7B3420D4F1F50, 8D52FF7D2C6E338E2E8B414F0FE9ED296A901CB38BCFF8814B1ECE52D8D1599D ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
18:26:45.0123 0x194c  NTI IScheduleSvc - ok
18:26:45.0155 0x194c  [ EE3BA1024594D5D09E314F206B94069E, 34C8EC3DF1C3088D8A0442CAA4F5506665AFB2DF016709457ED2AB7DA45F53A6 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
18:26:45.0155 0x194c  NTIDrvr - ok
18:26:45.0170 0x194c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
18:26:45.0217 0x194c  Null - ok
18:26:45.0264 0x194c  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
18:26:45.0326 0x194c  nusb3hub - ok
18:26:45.0357 0x194c  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
18:26:45.0389 0x194c  nusb3xhc - ok
18:26:45.0435 0x194c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:26:45.0451 0x194c  nvraid - ok
18:26:45.0467 0x194c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:26:45.0498 0x194c  nvstor - ok
18:26:45.0529 0x194c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:26:45.0545 0x194c  nv_agp - ok
18:26:45.0591 0x194c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:26:45.0623 0x194c  ohci1394 - ok
18:26:45.0716 0x194c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:26:45.0747 0x194c  ose - ok
18:26:46.0013 0x194c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:26:46.0137 0x194c  osppsvc - ok
18:26:46.0200 0x194c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:26:46.0278 0x194c  p2pimsvc - ok
18:26:46.0309 0x194c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
18:26:46.0371 0x194c  p2psvc - ok
18:26:46.0418 0x194c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:26:46.0418 0x194c  Parport - ok
18:26:46.0481 0x194c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:26:46.0496 0x194c  partmgr - ok
18:26:46.0543 0x194c  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:26:46.0590 0x194c  PcaSvc - ok
18:26:46.0605 0x194c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
18:26:46.0621 0x194c  pci - ok
18:26:46.0652 0x194c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:26:46.0668 0x194c  pciide - ok
18:26:46.0683 0x194c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:26:46.0699 0x194c  pcmcia - ok
18:26:46.0715 0x194c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:26:46.0730 0x194c  pcw - ok
18:26:46.0808 0x194c  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:26:46.0855 0x194c  PEAUTH - ok
18:26:46.0933 0x194c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:26:46.0949 0x194c  PerfHost - ok
         

und hier Teil 2:
Code:
ATTFilter
18:26:47.0073 0x194c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
18:26:47.0136 0x194c  pla - ok
18:26:47.0167 0x194c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:26:47.0198 0x194c  PlugPlay - ok
18:26:47.0229 0x194c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:26:47.0245 0x194c  PNRPAutoReg - ok
18:26:47.0261 0x194c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:26:47.0276 0x194c  PNRPsvc - ok
18:26:47.0307 0x194c  [ 4F0878FD62D5F7444C5F1C4C66D9D293, B381217D6202C06EE992EBDE061FA20376FF71F698022D0A80168CCD1059453C ] Point64         C:\Windows\system32\DRIVERS\point64.sys
18:26:47.0323 0x194c  Point64 - ok
18:26:47.0401 0x194c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:26:47.0463 0x194c  PolicyAgent - ok
18:26:47.0510 0x194c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
18:26:47.0557 0x194c  Power - ok
18:26:47.0619 0x194c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:26:47.0697 0x194c  PptpMiniport - ok
18:26:47.0729 0x194c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:26:47.0775 0x194c  Processor - ok
18:26:47.0807 0x194c  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:26:47.0885 0x194c  ProfSvc - ok
18:26:47.0885 0x194c  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:26:47.0916 0x194c  ProtectedStorage - ok
18:26:47.0978 0x194c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:26:48.0056 0x194c  Psched - ok
18:26:48.0165 0x194c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:26:48.0197 0x194c  ql2300 - ok
18:26:48.0259 0x194c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:26:48.0290 0x194c  ql40xx - ok
18:26:48.0321 0x194c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
18:26:48.0353 0x194c  QWAVE - ok
18:26:48.0368 0x194c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:26:48.0384 0x194c  QWAVEdrv - ok
18:26:48.0415 0x194c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:26:48.0462 0x194c  RasAcd - ok
18:26:48.0524 0x194c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:26:48.0618 0x194c  RasAgileVpn - ok
18:26:48.0633 0x194c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
18:26:48.0680 0x194c  RasAuto - ok
18:26:48.0743 0x194c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:26:48.0789 0x194c  Rasl2tp - ok
18:26:48.0836 0x194c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
18:26:48.0867 0x194c  RasMan - ok
18:26:48.0899 0x194c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:26:48.0945 0x194c  RasPppoe - ok
18:26:48.0977 0x194c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:26:49.0023 0x194c  RasSstp - ok
18:26:49.0086 0x194c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:26:49.0133 0x194c  rdbss - ok
18:26:49.0179 0x194c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:26:49.0226 0x194c  rdpbus - ok
18:26:49.0273 0x194c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:26:49.0335 0x194c  RDPCDD - ok
18:26:49.0351 0x194c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:26:49.0445 0x194c  RDPENCDD - ok
18:26:49.0460 0x194c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:26:49.0507 0x194c  RDPREFMP - ok
18:26:49.0632 0x194c  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:26:49.0663 0x194c  RdpVideoMiniport - ok
18:26:49.0725 0x194c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:26:49.0788 0x194c  RDPWD - ok
18:26:49.0850 0x194c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:26:49.0881 0x194c  rdyboost - ok
18:26:49.0913 0x194c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:26:49.0975 0x194c  RemoteAccess - ok
18:26:50.0022 0x194c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:26:50.0084 0x194c  RemoteRegistry - ok
18:26:50.0100 0x194c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:26:50.0131 0x194c  RpcEptMapper - ok
18:26:50.0162 0x194c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
18:26:50.0193 0x194c  RpcLocator - ok
18:26:50.0240 0x194c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
18:26:50.0271 0x194c  RpcSs - ok
18:26:50.0303 0x194c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:26:50.0349 0x194c  rspndr - ok
18:26:50.0396 0x194c  [ 9BEB5F18A418FF70659CE2E356829568, 8E327A99E68B5F9028778F5845719D00C590882B8609AF66D97DA880D537C937 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
18:26:50.0412 0x194c  RSUSBSTOR - ok
18:26:50.0427 0x194c  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] SamSs           C:\Windows\system32\lsass.exe
18:26:50.0427 0x194c  SamSs - ok
18:26:50.0490 0x194c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:26:50.0521 0x194c  sbp2port - ok
18:26:50.0552 0x194c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:26:50.0599 0x194c  SCardSvr - ok
18:26:50.0646 0x194c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:26:50.0708 0x194c  scfilter - ok
18:26:50.0817 0x194c  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
18:26:50.0864 0x194c  Schedule - ok
18:26:50.0911 0x194c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:26:50.0973 0x194c  SCPolicySvc - ok
18:26:51.0020 0x194c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:26:51.0098 0x194c  SDRSVC - ok
18:26:51.0145 0x194c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:26:51.0176 0x194c  secdrv - ok
18:26:51.0223 0x194c  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
18:26:51.0317 0x194c  seclogon - ok
18:26:51.0348 0x194c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
18:26:51.0410 0x194c  SENS - ok
18:26:51.0441 0x194c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:26:51.0504 0x194c  SensrSvc - ok
18:26:51.0551 0x194c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:26:51.0551 0x194c  Serenum - ok
18:26:51.0597 0x194c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:26:51.0644 0x194c  Serial - ok
18:26:51.0722 0x194c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:26:51.0769 0x194c  sermouse - ok
18:26:51.0816 0x194c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
18:26:51.0878 0x194c  SessionEnv - ok
18:26:51.0925 0x194c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:26:51.0972 0x194c  sffdisk - ok
18:26:52.0003 0x194c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:26:52.0034 0x194c  sffp_mmc - ok
18:26:52.0065 0x194c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:26:52.0112 0x194c  sffp_sd - ok
18:26:52.0159 0x194c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
18:26:52.0206 0x194c  sfloppy - ok
18:26:52.0253 0x194c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:26:52.0331 0x194c  SharedAccess - ok
18:26:52.0393 0x194c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:26:52.0455 0x194c  ShellHWDetection - ok
18:26:52.0487 0x194c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:26:52.0487 0x194c  SiSRaid2 - ok
18:26:52.0549 0x194c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:26:52.0549 0x194c  SiSRaid4 - ok
18:26:52.0596 0x194c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:26:52.0658 0x194c  Smb - ok
18:26:52.0705 0x194c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:26:52.0721 0x194c  SNMPTRAP - ok
18:26:52.0752 0x194c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:26:52.0783 0x194c  spldr - ok
18:26:52.0861 0x194c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
18:26:52.0908 0x194c  Spooler - ok
18:26:53.0048 0x194c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
18:26:53.0173 0x194c  sppsvc - ok
18:26:53.0220 0x194c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:26:53.0298 0x194c  sppuinotify - ok
18:26:53.0329 0x194c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:26:53.0407 0x194c  srv - ok
18:26:53.0454 0x194c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:26:53.0485 0x194c  srv2 - ok
18:26:53.0516 0x194c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:26:53.0563 0x194c  srvnet - ok
18:26:53.0610 0x194c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:26:53.0735 0x194c  SSDPSRV - ok
18:26:53.0750 0x194c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:26:53.0781 0x194c  SstpSvc - ok
18:26:53.0875 0x194c  [ AAF6F247F1DC370C593B4430974EAD9C, 232D0D62EC83A5537ADB28B5DC01074BA812FE6C70C54F70CD7A5EF1BC19D3E1 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
18:26:53.0922 0x194c  ssudmdm - ok
18:26:53.0953 0x194c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
18:26:53.0969 0x194c  stexstor - ok
18:26:54.0031 0x194c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
18:26:54.0078 0x194c  stisvc - ok
18:26:54.0125 0x194c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
18:26:54.0140 0x194c  swenum - ok
18:26:54.0171 0x194c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
18:26:54.0218 0x194c  swprv - ok
18:26:54.0281 0x194c  [ EF51B22706DB03F0857FADE127C804EC, F3A97B8D94E96ACF93448CDF33DED97B076C3D8FFE42E9EAD088EE662306277B ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
18:26:54.0327 0x194c  SynTP - ok
18:26:54.0421 0x194c  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
18:26:54.0530 0x194c  SysMain - ok
18:26:54.0577 0x194c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:26:54.0593 0x194c  TabletInputService - ok
18:26:54.0624 0x194c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:26:54.0671 0x194c  TapiSrv - ok
18:26:54.0717 0x194c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
18:26:54.0733 0x194c  TBS - ok
18:26:54.0842 0x194c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:26:54.0905 0x194c  Tcpip - ok
18:26:54.0967 0x194c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:26:55.0014 0x194c  TCPIP6 - ok
18:26:55.0061 0x194c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:26:55.0092 0x194c  tcpipreg - ok
18:26:55.0123 0x194c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:26:55.0170 0x194c  TDPIPE - ok
18:26:55.0232 0x194c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:26:55.0248 0x194c  TDTCP - ok
18:26:55.0310 0x194c  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:26:55.0357 0x194c  tdx - ok
18:26:55.0388 0x194c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
18:26:55.0404 0x194c  TermDD - ok
18:26:55.0497 0x194c  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
18:26:55.0575 0x194c  TermService - ok
18:26:55.0607 0x194c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
18:26:55.0638 0x194c  Themes - ok
18:26:55.0669 0x194c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
18:26:55.0700 0x194c  THREADORDER - ok
18:26:55.0731 0x194c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
18:26:55.0763 0x194c  TrkWks - ok
18:26:55.0809 0x194c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:26:55.0856 0x194c  TrustedInstaller - ok
18:26:55.0887 0x194c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:26:55.0903 0x194c  tssecsrv - ok
18:26:55.0950 0x194c  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:26:55.0981 0x194c  TsUsbFlt - ok
18:26:56.0059 0x194c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:26:56.0106 0x194c  tunnel - ok
18:26:56.0153 0x194c  [ 48743B69EA47C020A792D8649F753F44, 58BFF60271F62F5CB02A1181F44E94C230DF4A6EC5C072A476B2BED13239A70C ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
18:26:56.0168 0x194c  TurboB - ok
18:26:56.0184 0x194c  [ 759F59E3EA3802FF23F93DCDB6FE9171, DB5A6C1EDA10380C14A8C318D6C65ED691C36F726A6A20DB3038D8F55F1B76D8 ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
18:26:56.0199 0x194c  TurboBoost - ok
18:26:56.0231 0x194c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
18:26:56.0231 0x194c  uagp35 - ok
18:26:56.0246 0x194c  [ A17D5E1A6DF4EAB0A480F2C490DE4C9D, 1EA835F172B6BF3D7F496E079DF1CDF00122B2110C08D61427582BC9405D2B7B ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
18:26:56.0262 0x194c  UBHelper - ok
18:26:56.0324 0x194c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:26:56.0387 0x194c  udfs - ok
18:26:56.0402 0x194c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:26:56.0433 0x194c  UI0Detect - ok
18:26:56.0465 0x194c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:26:56.0480 0x194c  uliagpkx - ok
18:26:56.0543 0x194c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
18:26:56.0574 0x194c  umbus - ok
18:26:56.0605 0x194c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
18:26:56.0636 0x194c  UmPass - ok
18:26:56.0823 0x194c  [ FDF92EC84FECEE834FB10A2A0A19BCDA, F81FCA3BEC10C84335DBAD9D2CDAB98C62252A864F23BDD482F97F86D5FA0B15 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:26:56.0901 0x194c  UNS - ok
18:26:56.0948 0x194c  [ F9EC9ACD504D823D9B9CA98A4F8D3CA2, 58DAD5111C598F14CB199FE6A61FA5918F29513B778A8664FD05EFAB3C665D4F ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
18:26:56.0964 0x194c  Updater Service - ok
18:26:56.0995 0x194c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
18:26:57.0042 0x194c  upnphost - ok
18:26:57.0104 0x194c  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
18:26:57.0151 0x194c  USBAAPL64 - ok
18:26:57.0198 0x194c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:26:57.0213 0x194c  usbccgp - ok
18:26:57.0276 0x194c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:26:57.0323 0x194c  usbcir - ok
18:26:57.0369 0x194c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
18:26:57.0385 0x194c  usbehci - ok
18:26:57.0432 0x194c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:26:57.0447 0x194c  usbhub - ok
18:26:57.0463 0x194c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:26:57.0479 0x194c  usbohci - ok
18:26:57.0510 0x194c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:26:57.0525 0x194c  usbprint - ok
18:26:57.0588 0x194c  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
18:26:57.0603 0x194c  usbscan - ok
18:26:57.0650 0x194c  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:26:57.0697 0x194c  USBSTOR - ok
18:26:57.0744 0x194c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
18:26:57.0759 0x194c  usbuhci - ok
18:26:57.0822 0x194c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
18:26:57.0884 0x194c  usbvideo - ok
18:26:57.0947 0x194c  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
18:26:57.0962 0x194c  usb_rndisx - ok
18:26:57.0993 0x194c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
18:26:58.0025 0x194c  UxSms - ok
18:26:58.0040 0x194c  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] VaultSvc        C:\Windows\system32\lsass.exe
18:26:58.0040 0x194c  VaultSvc - ok
18:26:58.0103 0x194c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:26:58.0103 0x194c  vdrvroot - ok
18:26:58.0227 0x194c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
18:26:58.0274 0x194c  vds - ok
18:26:58.0321 0x194c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:26:58.0352 0x194c  vga - ok
18:26:58.0383 0x194c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:26:58.0430 0x194c  VgaSave - ok
18:26:58.0477 0x194c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:26:58.0493 0x194c  vhdmp - ok
18:26:58.0555 0x194c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:26:58.0555 0x194c  viaide - ok
18:26:58.0571 0x194c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:26:58.0586 0x194c  volmgr - ok
18:26:58.0633 0x194c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:26:58.0649 0x194c  volmgrx - ok
18:26:58.0680 0x194c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:26:58.0695 0x194c  volsnap - ok
18:26:58.0727 0x194c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
18:26:58.0727 0x194c  vsmraid - ok
18:26:58.0805 0x194c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
18:26:58.0883 0x194c  VSS - ok
18:26:58.0898 0x194c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
18:26:58.0945 0x194c  vwifibus - ok
18:26:58.0992 0x194c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:26:59.0023 0x194c  vwififlt - ok
18:26:59.0070 0x194c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
18:26:59.0085 0x194c  vwifimp - ok
18:26:59.0132 0x194c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
18:26:59.0195 0x194c  W32Time - ok
18:26:59.0210 0x194c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
18:26:59.0226 0x194c  WacomPen - ok
18:26:59.0288 0x194c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:26:59.0335 0x194c  WANARP - ok
18:26:59.0351 0x194c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:26:59.0366 0x194c  Wanarpv6 - ok
18:26:59.0444 0x194c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
18:26:59.0491 0x194c  wbengine - ok
18:26:59.0538 0x194c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:26:59.0569 0x194c  WbioSrvc - ok
18:26:59.0709 0x194c  [ B995CB950BBB00DB2BC7D02D693E5CC7, 6096A2C564B8A3263956BA2818B41D9CF37E29E3595638E48673A5D6705F7774 ] WCAssistantService C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
18:26:59.0725 0x194c  WCAssistantService - ok
18:26:59.0772 0x194c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:26:59.0819 0x194c  wcncsvc - ok
18:26:59.0850 0x194c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:26:59.0897 0x194c  WcsPlugInService - ok
18:26:59.0928 0x194c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
18:26:59.0928 0x194c  Wd - ok
18:27:00.0006 0x194c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:27:00.0037 0x194c  Wdf01000 - ok
18:27:00.0068 0x194c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:27:00.0115 0x194c  WdiServiceHost - ok
18:27:00.0115 0x194c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:27:00.0131 0x194c  WdiSystemHost - ok
18:27:00.0193 0x194c  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
18:27:00.0224 0x194c  WebClient - ok
18:27:00.0255 0x194c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:27:00.0302 0x194c  Wecsvc - ok
18:27:00.0333 0x194c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:27:00.0380 0x194c  wercplsupport - ok
18:27:00.0411 0x194c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:27:00.0443 0x194c  WerSvc - ok
18:27:00.0474 0x194c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:27:00.0505 0x194c  WfpLwf - ok
18:27:00.0521 0x194c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:27:00.0521 0x194c  WIMMount - ok
18:27:00.0552 0x194c  WinDefend - ok
18:27:00.0567 0x194c  WinHttpAutoProxySvc - ok
18:27:00.0614 0x194c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:27:00.0661 0x194c  Winmgmt - ok
18:27:00.0739 0x194c  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
18:27:00.0833 0x194c  WinRM - ok
18:27:00.0911 0x194c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
18:27:00.0926 0x194c  WinUsb - ok
18:27:00.0973 0x194c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:27:01.0020 0x194c  Wlansvc - ok
18:27:01.0238 0x194c  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:27:01.0301 0x194c  wlidsvc - ok
18:27:01.0347 0x194c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:27:01.0379 0x194c  WmiAcpi - ok
18:27:01.0410 0x194c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:27:01.0425 0x194c  wmiApSrv - ok
18:27:01.0441 0x194c  WMPNetworkSvc - ok
18:27:01.0472 0x194c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:27:01.0488 0x194c  WPCSvc - ok
18:27:01.0535 0x194c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:27:01.0566 0x194c  WPDBusEnum - ok
18:27:01.0581 0x194c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:27:01.0628 0x194c  ws2ifsl - ok
18:27:01.0675 0x194c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
18:27:01.0722 0x194c  wscsvc - ok
18:27:01.0722 0x194c  WSearch - ok
18:27:01.0847 0x194c  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:27:01.0956 0x194c  wuauserv - ok
18:27:02.0003 0x194c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:27:02.0065 0x194c  WudfPf - ok
18:27:02.0096 0x194c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:27:02.0112 0x194c  WUDFRd - ok
18:27:02.0127 0x194c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:27:02.0159 0x194c  wudfsvc - ok
18:27:02.0205 0x194c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:27:02.0221 0x194c  WwanSvc - ok
18:27:02.0237 0x194c  ================ Scan global ===============================
18:27:02.0283 0x194c  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
18:27:02.0361 0x194c  [ DE4812AB2E6926D0FF2423F3B774585A, 77604B47F2A91F77DDF778D8D362A0145636ED060596760ED55D76DD12E04B79 ] C:\Windows\system32\winsrv.dll
18:27:02.0377 0x194c  [ DE4812AB2E6926D0FF2423F3B774585A, 77604B47F2A91F77DDF778D8D362A0145636ED060596760ED55D76DD12E04B79 ] C:\Windows\system32\winsrv.dll
18:27:02.0408 0x194c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:27:02.0486 0x194c  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
18:27:02.0502 0x194c  [ Global ] - ok
18:27:02.0502 0x194c  ================ Scan MBR ==================================
18:27:02.0517 0x194c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:27:03.0500 0x194c  \Device\Harddisk0\DR0 - ok
18:27:03.0500 0x194c  ================ Scan VBR ==================================
18:27:03.0516 0x194c  [ AB2486A0FA37443338421535893287BB ] \Device\Harddisk0\DR0\Partition1
18:27:03.0547 0x194c  \Device\Harddisk0\DR0\Partition1 - ok
18:27:03.0563 0x194c  [ F3C5EFBC5666F01E270C48867AFF080D ] \Device\Harddisk0\DR0\Partition2
18:27:03.0594 0x194c  \Device\Harddisk0\DR0\Partition2 - ok
18:27:03.0594 0x194c  ================ Scan generic autorun ======================
18:27:03.0672 0x194c  [ 5FDFB8E924219645DD26D0FC378F8182, F704AED82B60D1B38E523E46F9788A65EF50D58439784DA6BF90E1C299994652 ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
18:27:03.0703 0x194c  Acer ePower Management - ok
18:27:04.0093 0x194c  [ 238283A703AB55EA96168C81994671A5, 96FA85C882BDC0DF1B2207C9EB932FB2EA016E3C649FF1076DE7F0F83E258308 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
18:27:04.0187 0x0ee4  Object required for P2P: [ 63282F5EB7E5BFB58FD1EC93C6ADB457 ] MozillaMaintenance
18:27:04.0343 0x194c  RtHDVCpl - ok
18:27:04.0483 0x194c  [ BC5FA33CFDF1769C60FE89A7F8AA29B2, CCD36D9C4008B9AE425BB31517FF139D8E0C7DBB0D052AADE71D48936D164956 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
18:27:04.0530 0x194c  RtHDVBg - ok
18:27:04.0545 0x194c  IntelTBRunOnce - ok
18:27:04.0545 0x194c  SynTPEnh - ok
18:27:04.0686 0x194c  [ 5B72629C8144D1A96490D4C090D28DA1, 114891B9E7E05D2B86C8E3CD7B4096088491E338C3B1902F9352D40B47DD418C ] c:\Program Files\Microsoft IntelliPoint\ipoint.exe
18:27:04.0748 0x194c  IntelliPoint - ok
18:27:04.0873 0x194c  [ 68D45D36DD827738A2F2E8E21E53C193, C51BA0A2A40D320663BE5BF2519A61B831E12FEBB349E638246E87408AD02B84 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
18:27:04.0935 0x194c  CanonMyPrinter - ok
18:27:05.0045 0x194c  [ DD7B4F9E6B71A599FEF4BD9DA0AE57C2, 6B22356F74F7ED069A3FC39C62326AA98A70D0E860A2EB29A6C46F4077FB567A ] c:\Program Files\Microsoft Security Client\msseces.exe
18:27:05.0091 0x194c  MSC - ok
18:27:05.0185 0x194c  [ CC9823AA6E3F6229CD6DA193551314A5, 76BCD2BCA391C2114BF9D28FA290D9B39D16379C410070E0E3A6376FDEE51CE1 ] C:\Program Files\iTunes\iTunesHelper.exe
18:27:05.0201 0x194c  iTunesHelper - ok
18:27:05.0247 0x194c  [ C0B97E53A0E39A48EEA2DCD500EEA07A, 111FBD91850E52E61E6A4D8065BF56C9C6B89C55BA6312F726125F1CE4B09EE1 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
18:27:05.0263 0x194c  IAStorIcon - ok
18:27:05.0357 0x194c  [ DED59B9CAFB20D0ABC4F15574209E09C, EB945F125C46316F8D1A4DA9039485A9223E77CAD6AF7E60E3EDF6644CF098CC ] C:\Program Files (x86)\Launch Manager\LManager.exe
18:27:05.0403 0x194c  LManager - ok
18:27:05.0481 0x194c  [ 4DDE3E01B5020B3D5DEEC7E3DC0F3185, C7315F3521EE461027A3DDE7CFC0EA4F8E705A98F9292284BB20620D7F34DDE9 ] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
18:27:05.0513 0x194c  BackupManagerTray - ok
18:27:05.0544 0x194c  [ 51C8885B6A00904C0252704C9FB0F43A, BF2F58E6697DB10F3D6FB3859FADC2CE1D3CDD318E487E02FDC2BE171AF6CA29 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
18:27:05.0544 0x194c  NUSB3MON - ok
18:27:05.0622 0x194c  [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe
18:27:05.0637 0x194c  MDS_Menu - ok
18:27:05.0731 0x194c  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
18:27:05.0762 0x194c  BCSSync - ok
18:27:05.0871 0x194c  [ 07447CE7F63DB2904AB0D3431A3EB2E5, F2F0F864171A78B65F12338F0DEB867E0C83D1484FFD0B08150B42CE37ACAB5A ] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
18:27:05.0903 0x194c  ProductUpdater - detected UnsignedFile.Multi.Generic ( 1 )
18:27:06.0761 0x0ee4  Object send P2P result: true
18:27:06.0761 0x0ee4  Object required for P2P: [ DA0FAEE45D6F03D7647851A20977A7D0 ] MpFilter
18:27:08.0352 0x194c  ProductUpdater ( UnsignedFile.Multi.Generic ) - warning
18:27:10.0901 0x194c  [ C9B67BCB8E384064A8C2263740B0C437, F2609406A84F3A8E256DD250F84A774EF43F92C9F8B373E297A99ACF95B3CCE4 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
18:27:10.0932 0x194c  SunJavaUpdateSched - ok
18:27:11.0135 0x194c  [ B66E0842FCF485F3E2D41BF0BA10966F, 966B8386B2D060167E8EAAE478509013A8729FE2CF11F890D3F9DCDA90768F34 ] C:\Users\Anja Könemann-Meyer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
18:27:11.0182 0x194c  Spotify Web Helper - ok
18:27:11.0291 0x194c  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Anja Könemann-Meyer\AppData\Local\Dropbox\Update\DropboxUpdate.exe
18:27:11.0322 0x194c  Dropbox Update - ok
18:27:11.0400 0x194c  [ 06F6DB72ADABC5E858F38EF69014CE52, B4AEABF3EA6FCABBED879D642BA070DF9C244E28DB5BDC3211205C7B8DB97BFB ] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
18:27:11.0431 0x194c  OfficeSyncProcess - ok
18:27:11.0431 0x194c  Waiting for KSN requests completion. In queue: 256
18:27:11.0525 0x25b4  Object required for P2P: [ 68D45D36DD827738A2F2E8E21E53C193 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
18:27:12.0445 0x194c  Waiting for KSN requests completion. In queue: 246
18:27:12.0757 0x0ee4  Object send P2P result: true
18:27:12.0773 0x0ee4  Object required for P2P: [ 6D79C8CB73187FBEAAD1F680FADF98D3 ] NisDrv
18:27:13.0459 0x194c  Waiting for KSN requests completion. In queue: 202
18:27:14.0099 0x25b4  Object send P2P result: true
18:27:14.0473 0x194c  Waiting for KSN requests completion. In queue: 189
18:27:15.0347 0x0ee4  Object send P2P result: true
18:27:15.0378 0x0ee4  Object required for P2P: [ B995CB950BBB00DB2BC7D02D693E5CC7 ] WCAssistantService
18:27:15.0487 0x194c  Waiting for KSN requests completion. In queue: 23
18:27:16.0501 0x194c  Waiting for KSN requests completion. In queue: 23
18:27:17.0515 0x194c  Waiting for KSN requests completion. In queue: 23
18:27:17.0968 0x0ee4  Object send P2P result: true
18:27:18.0545 0x194c  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.9.218.0 ), 0x61000 ( enabled : updated )
18:27:18.0561 0x194c  Win FW state via NFP2: enabled ( trusted )
18:27:21.0025 0x194c  ============================================================
18:27:21.0025 0x194c  Scan finished
18:27:21.0025 0x194c  ============================================================
18:27:21.0041 0x1dfc  Detected object count: 2
18:27:21.0041 0x1dfc  Actual detected object count: 2
18:27:36.0061 0x1dfc  Freemake Improver ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:36.0061 0x1dfc  Freemake Improver ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:27:36.0061 0x1dfc  ProductUpdater ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:36.0061 0x1dfc  ProductUpdater ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:27:40.0522 0x20b8  Deinitialize success
         

Alt 22.04.2016, 17:47   #8
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt - Standard

WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt



Schritt 1

Bitte deinstalliere folgende Programme:

FLVPlayer4Free Free FLV Player 4.4.0.0


Versuche es bei Windows 7 zunächst über Systemsteuerung/Programme deinstallieren.

Sollte das nicht gehen, lade Dir bitte Revo Uninstallerhier herunter. Entpacke die zip-Datei auf den Desktop. Anleitung
  • Starte die Revouninstaller.exe
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den oben angegebenen Programmen und wähle sie einzeln aus.
    Klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

Wenn Du ein Programm nicht deinstallieren kannst, mach mit dem nächsten weiter.
Auch wenn am Ende noch Programme übrig geblieben sind, führe den nächsten Schritt aus:

Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 3

  • Download und Anleitung
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass Deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Schritt 4

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 23.04.2016, 08:39   #9
A-und-T
 
WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt - Standard

WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt



Moin Moin und guten Morgen Jürgen,

vielen Dank für Dein bisheriges Kümmern! Der Durchlauf von ESET hat leider bis kurz vor Mitternacht gedauert, daher meine Antwort erst jetzt.

Ich konnte das Programm FLV PLayer.... über die Systemsteuerung deinstallieren. Die anderen Programme sind alle durchgelaufen und alle haben (leider) angeschlagen. Hier die entsprechenden LOG-files:

AdwCleaner:
Code:
ATTFilter
# AdwCleaner v5.112 - Bericht erstellt am 22/04/2016 um 19:05:05
# Aktualisiert am 17/04/2016 von Xplode
# Datenbank : 2016-04-19.5 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : Anja Könemann-Meyer - ANJAKÖNEMANN
# Gestartet von : C:\Users\Anja Könemann-Meyer\Desktop\AdwCleaner_5.112.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

[-] Dienst gelöscht : LavasoftTcpService
[-] Dienst gelöscht : WCAssistantService

***** [ Ordner ] *****

[-] Ordner gelöscht : C:\Program Files (x86)\lavasoft\web companion
[-] Ordner gelöscht : C:\ProgramData\lavasoft\web companion
[#] Ordner gelöscht : C:\ProgramData\Application Data\lavasoft\web companion
[-] Ordner gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Ordner gelöscht : C:\Users\Anja Könemann-Meyer\AppData\Roaming\RPEng
[-] Ordner gelöscht : C:\Users\Anja Könemann-Meyer\AppData\Roaming\lavasoft\web companion

***** [ Dateien ] *****

[-] Datei gelöscht : C:\searchplugins\bing-lavasoft.xml
[-] Datei gelöscht : C:\Users\Anja Könemann-Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\41tisswg.default\searchplugins\bing-lavasoft.xml
[-] Datei gelöscht : C:\Windows\SysNative\LavasoftTcpService64.dll
[-] Datei gelöscht : C:\Windows\SysNative\LavasoftTcpServiceOff.ini
[-] Datei gelöscht : C:\Windows\SysWOW64\lavasofttcpservice.dll
[-] Datei gelöscht : C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKCU\Software\Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
[-] Schlüssel gelöscht : HKCU\Software\WEBAPP
[-] Schlüssel gelöscht : HKCU\Software\madFlac
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Lavasoft\Web Companion
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Schlüssel gelöscht : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1580922863-27489201-3224137613-1001\Software\Somoto Toolbar
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt : HKU\S-1-5-21-1580922863-27489201-3224137613-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Wert gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[#] Wert gelöscht : HKU\S-1-5-21-1580922863-27489201-3224137613-1001\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] Daten wiederhergestellt : HKU\S-1-5-21-1580922863-27489201-3224137613-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]

***** [ Internetbrowser ] *****

[-] [C:\Users\Anja Könemann-Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\41tisswg.default\prefs.js] gelöscht : user_pref("browser.newtab.url", "hxxp://www.bing.com/?pc=COSP&ptag=D071815-A166D148A50&form=CONMHP&conlogo=CT3334470");
[-] [C:\Users\Anja Könemann-Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\41tisswg.default\prefs.js] gelöscht : user_pref("browser.newtabpage.url", "hxxp://www.bing.com/?pc=COSP&ptag=D071815-A166D148A50&form=CONMHP&conlogo=CT3334470");

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [5091 Bytes] - [22/04/2016 19:05:05]
C:\AdwCleaner\AdwCleaner[R0].txt - [1585 Bytes] - [18/03/2015 23:15:58]
C:\AdwCleaner\AdwCleaner[S0].txt - [1655 Bytes] - [18/03/2015 23:17:45]
C:\AdwCleaner\AdwCleaner[S2].txt - [5709 Bytes] - [22/04/2016 19:00:23]
C:\AdwCleaner\AdwCleaner[S3].txt - [5782 Bytes] - [22/04/2016 19:04:24]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5456 Bytes] ##########
         

Als nächstes die LOG-Datei von MBAM:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 22.04.2016
Suchlaufzeit: 19:20
Protokolldatei: Mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.04.22.04
Rootkit-Datenbank: v2016.04.17.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Anja Könemann-Meyer

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 413160
Abgelaufene Zeit: 38 Min., 58 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 6
PUP.Optional.OpenCandy, C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\FreemakeVideoConverterFull.exe, In Quarantäne, [6a72e1d01881c57156a5baffd42c1de3], 
PUP.Optional.OpenCandy, C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\FreemakeVideoConverterFull.exe_2, In Quarantäne, [ae2ea40dd5c464d2bc3f328712ee26da], 
PUP.Optional.OpenCandy, C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\FreemakeVideoConverterFull.exe_3, In Quarantäne, [f1ebcbe69306df5729d2c8f1ee123dc3], 
PUP.Optional.APNToolBar, C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\APNSetup.exe, In Quarantäne, [6b71f1c020793bfb202bd974936eaa56], 
PUP.Optional.OpenCandy, C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\VideoConverter.exe, In Quarantäne, [f7e5733eadece254fcffe6d302fef60a], 
Trojan.Downloader, C:\Users\Anja Könemann-Meyer\Downloads\Anja Könemann-meyer Stellvertretender Sachbearbeiter Ebay AG 20.04.2016.zip, In Quarantäne, [8854a70a1188fd39776b6dcbef168e72], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         


Und als letztes ESET:
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=7977b3e39631a04ea105b5f451276f23
# engine=18561
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-06-05 02:50:38
# local_time=2014-06-05 04:50:38 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 104734 153566488 0 0
# scanned=248669
# found=2
# cleaned=0
# scan_time=7824
sh=A47CAD9696067FE7841F862184C1A3E2651F6AD9 ft=1 fh=ab9bc4f37021b663 vn="Win32/Somoto.F evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\FLVPlayer4Free\videodownloadtoolbar-toolbar-setup.exe"
sh=32816F5236EC64E2DC140FE331954207AEF1B090 ft=1 fh=eb42f37c6c581ff1 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Anja Könemann-Meyer\Downloads\FreeiPadVideo3721Converter.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7977b3e39631a04ea105b5f451276f23
# end=init
# utc_time=2016-04-22 06:13:17
# local_time=2016-04-22 08:13:17 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 29196
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7977b3e39631a04ea105b5f451276f23
# end=updated
# utc_time=2016-04-22 06:16:32
# local_time=2016-04-22 08:16:32 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=7977b3e39631a04ea105b5f451276f23
# engine=29196
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-04-22 09:19:29
# local_time=2016-04-22 11:19:29 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 4942317 84343963 0 0
# scanned=392492
# found=2
# cleaned=2
# scan_time=10976
sh=9E0ED1569547199CBA367B9419D1B31D902A3747 ft=1 fh=ebbb512ffee3e10b vn="Win32/Wajam.K evtl. unerwünschte Anwendung (gelöscht)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Anja Könemann-Meyer\AppData\Roaming\RHEng\3B56C8FE50CB46788538DDE29541D161\WWE_1.41.1.2.exe.vir"
sh=B8535A15CF4EF3543635E23D5FC245F5A6E13992 ft=1 fh=7326da41001cd16c vn="Win32/UniBlue.E evtl. unerwünschte Anwendung (gelöscht)" ac=C fn="C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\is-QSAJC.tmp\sp-standalone-setup.exe"
         
ESET habe ich wie beschrieben bereits deinstalliert. Die anderen Programme nicht.

Alt 23.04.2016, 10:24   #10
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt - Standard

WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt



Sieht gut aus. Keine Malware...

Schritt 1



Bitte starte FRST erneut, markiere auch die checkbox und drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 23.04.2016, 13:22   #11
A-und-T
 
WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt - Standard

WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt



Moin Moin,

vielen Dank für die erneut schnelle Rückmeldung. FRST ist durchgelaufen, jedoch erst im zweiten Versuch. Beim erstan Mal gab es keine Rückmeldung mehr, als das Programm oben links die Datei "AppID anzeigte. Auch abwarten brachte nix. Habe das Programm dann hart über den Task Manager beenden müssen. Der erneute Start lief durch.


Hier die FRST.txt:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
durchgeführt von Anja Könemann-Meyer (Administrator) auf ANJAKÖNEMANN (23-04-2016 13:28:58)
Gestartet von C:\Users\Anja Könemann-Meyer\Desktop
Geladene Profile: Anja Könemann-Meyer (Verfügbare Profile: Anja Könemann-Meyer)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Anja Könemann-Meyer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860040 2010-10-29] (Acer Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11619432 2010-11-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2185832 2010-11-26] (Realtek Semiconductor)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-25] (CANON INC.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-14] (Intel Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1025616 2010-12-09] (Dritek System Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2015-12-23] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\Run: [Spotify Web Helper] => C:\Users\Anja Könemann-Meyer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-11-22] (Spotify Ltd)
HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\Run: [Dropbox Update] => C:\Users\Anja Könemann-Meyer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-20] (Dropbox, Inc.)
HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-1580922863-27489201-3224137613-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [456224 2010-07-29] ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{412A188C-9B1E-4B33-A51E-DC384474650A}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{D5B69A84-AB52-4A15-B29E-FDA71F5106C3}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-1580922863-27489201-3224137613-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1580922863-27489201-3224137613-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1580922863-27489201-3224137613-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1580922863-27489201-3224137613-1001 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-26] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-26] (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
DPF: HKLM-x32 {271A3CF5-5A54-447B-A08F-BE805F0DA60B} hxxps://www.olb.de/olb_fb3_1883/plugin/AXFOAM.CAB

FireFox:
========
FF ProfilePath: C:\Users\Anja Könemann-Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\41tisswg.default
FF DefaultSearchEngine: Bing®
FF SelectedSearchEngine: Bing®
FF Homepage: www.web.de
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-14] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1580922863-27489201-3224137613-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll [2012-09-15] (Amazon.com, Inc.)
FF Extension: X-notifier - C:\Users\Anja Könemann-Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\41tisswg.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2016-01-16]
FF Extension: OLB - C:\Users\Anja Könemann-Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\41tisswg.default\extensions\{C752FF21-A8EF-468E-B507-5BBAFB84359D} [2016-03-02]
FF Extension: DDBAC Plug-In - C:\Users\Anja Könemann-Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\41tisswg.default\Extensions\{271A3CF5-5A54-447B-A08F-BE805F0DA60A} [2013-11-07] [ist nicht signiert]
FF Extension: Video DownloadHelper - C:\Users\Anja Könemann-Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\41tisswg.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-04-12]

Chrome: 
=======
CHR Profile: C:\Users\Anja Könemann-Meyer\AppData\Local\Google\Chrome\User Data\Default

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S2 CLKMSVC10_34E30CCC; C:\Program Files (x86)\Acer\clear.fi\Movie\NavFilter\kmsvc.exe [254448 2010-11-25] (CyberLink)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-12-23] (Freemake) [Datei ist nicht signiert]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2015-04-28] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-04-28] (SlySoft, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-23 13:23 - 2016-04-23 13:28 - 00018576 _____ C:\Users\Anja Könemann-Meyer\Desktop\FRST.txt
2016-04-22 20:11 - 2016-04-22 20:11 - 02870984 _____ (ESET) C:\Users\Anja Könemann-Meyer\Desktop\esetsmartinstaller_deu.exe
2016-04-22 20:10 - 2016-04-22 20:10 - 00002133 _____ C:\Users\Anja Könemann-Meyer\Desktop\Mbam.txt
2016-04-22 20:05 - 2016-04-22 20:05 - 00000000 ____H C:\ProgramData\cm-lock
2016-04-22 19:18 - 2016-04-22 20:08 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-22 19:18 - 2016-04-22 19:18 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-04-22 19:18 - 2016-04-22 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-04-22 19:18 - 2016-04-22 19:18 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-04-22 19:18 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-04-22 19:18 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-22 19:18 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-04-22 19:16 - 2016-04-22 19:16 - 22851472 _____ (Malwarebytes ) C:\Users\Anja Könemann-Meyer\Desktop\mbam-setup-2.2.1.1043.exe
2016-04-22 19:09 - 2016-04-22 19:09 - 00005538 _____ C:\Users\Anja Könemann-Meyer\Desktop\AdwCleaner[C1].txt
2016-04-22 19:02 - 2016-04-22 19:02 - 03683904 _____ C:\Users\Anja Könemann-Meyer\Desktop\AdwCleaner_5.112.exe
2016-04-22 18:25 - 2016-04-22 18:27 - 00211946 _____ C:\TDSSKiller.3.1.0.9_22.04.2016_18.25.38_log.txt
2016-04-22 18:19 - 2016-04-22 18:21 - 00210830 _____ C:\TDSSKiller.3.1.0.9_22.04.2016_18.19.23_log.txt
2016-04-22 18:19 - 2016-04-22 18:19 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Anja Könemann-Meyer\Desktop\tdsskiller.exe
2016-04-22 15:58 - 2016-04-23 13:28 - 00000000 ____D C:\FRST
2016-04-22 15:57 - 2016-04-22 15:57 - 02375680 _____ (Farbar) C:\Users\Anja Könemann-Meyer\Desktop\FRST64.exe
2016-04-17 20:08 - 2016-04-17 20:09 - 57034907 _____ C:\Users\Anja Könemann-Meyer\Downloads\Wasserwerk Nethen.zip
2016-04-16 09:05 - 2016-04-16 09:05 - 00000000 ____D C:\Users\Anja Könemann-Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-13 21:04 - 2016-04-22 19:05 - 00000000 ____D C:\searchplugins
2016-04-12 21:01 - 2016-04-22 19:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-09 18:48 - 2016-04-09 18:48 - 00000000 ____D C:\Users\Anja Könemann-Meyer\Documents\steuer
2016-04-02 17:20 - 2016-04-02 17:21 - 00000000 ____D C:\Users\Anja Könemann-Meyer\AppData\Local\Flixster
2016-04-02 17:20 - 2016-04-02 17:20 - 00000360 _____ C:\Users\Anja Könemann-Meyer\Desktop\Flixster Video.appref-ms
2016-04-02 17:20 - 2016-04-02 17:20 - 00000000 ____D C:\Users\Anja Könemann-Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flixster Video
2016-04-02 17:17 - 2016-04-02 17:21 - 00000000 ____D C:\Users\Anja Könemann-Meyer\AppData\Local\Deployment
2016-04-02 17:17 - 2016-04-02 17:17 - 00000000 ____D C:\Users\Anja Könemann-Meyer\AppData\Local\Apps\2.0
2016-04-02 17:16 - 2016-04-02 17:16 - 00499288 _____ () C:\Users\Anja Könemann-Meyer\Downloads\FlixsterSetup.exe
2016-04-01 22:13 - 2016-04-01 22:13 - 00001757 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-04-01 22:13 - 2016-04-01 22:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-04-01 22:12 - 2016-04-01 22:13 - 00000000 ____D C:\Program Files\iTunes
2016-04-01 22:12 - 2016-04-01 22:12 - 00000000 ____D C:\Program Files\iPod
2016-04-01 22:12 - 2016-04-01 22:12 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-03-28 15:31 - 2016-03-28 15:35 - 230913656 _____ C:\Users\Anja Könemann-Meyer\Downloads\WISOSteuersoftware2015Update229314.exe
2016-03-24 18:37 - 2016-03-24 18:39 - 124980336 _____ C:\Users\Anja Könemann-Meyer\Downloads\WISOSteuerSparbuch2016Update231404.exe
2016-03-24 18:32 - 2016-03-24 18:32 - 00002099 _____ C:\Users\Public\Desktop\WISO steuer Sparbuch 2016.lnk
2016-03-24 18:32 - 2016-03-24 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Sparbuch 2016

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-23 12:46 - 2015-06-20 12:35 - 00001280 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1580922863-27489201-3224137613-1001UA.job
2016-04-23 12:36 - 2012-04-01 18:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-23 10:03 - 2009-07-14 06:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-23 10:03 - 2009-07-14 06:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-22 20:12 - 2011-04-10 11:55 - 00699682 _____ C:\Windows\system32\perfh007.dat
2016-04-22 20:12 - 2011-04-10 11:55 - 00149790 _____ C:\Windows\system32\perfc007.dat
2016-04-22 20:12 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-22 20:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-04-22 20:07 - 2011-06-25 18:38 - 00000000 ____D C:\ProgramData\clear.fi
2016-04-22 20:06 - 2014-06-04 00:03 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-04-22 20:05 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-22 19:12 - 2015-03-18 23:15 - 00000000 ____D C:\AdwCleaner
2016-04-22 19:06 - 2012-04-28 20:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-22 19:05 - 2015-07-18 21:02 - 00000000 ____D C:\Users\Anja Könemann-Meyer\AppData\Roaming\Lavasoft
2016-04-22 19:05 - 2015-07-18 21:01 - 00000000 ____D C:\ProgramData\Lavasoft
2016-04-22 19:05 - 2015-07-18 21:01 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2016-04-22 15:46 - 2015-06-20 12:35 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1580922863-27489201-3224137613-1001Core.job
2016-04-21 20:30 - 2011-06-25 18:53 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-16 09:05 - 2013-11-02 18:26 - 00000000 ____D C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox
2016-04-13 21:04 - 2014-12-04 21:10 - 00002278 _____ C:\Windows\wininit.ini
2016-04-11 21:17 - 2011-06-26 00:09 - 00000000 ____D C:\Users\Public\Documents\Thomas
2016-04-09 10:36 - 2012-04-01 18:43 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-09 10:36 - 2012-04-01 18:43 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-09 10:36 - 2011-06-25 21:55 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-01 22:33 - 2012-01-11 21:41 - 00000000 ____D C:\Program Files (x86)\WISO
2016-04-01 22:32 - 2010-12-10 21:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-01 22:12 - 2011-06-25 21:50 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-03-28 21:22 - 2015-04-05 00:48 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-28 21:22 - 2015-04-05 00:48 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-28 15:40 - 2012-01-11 21:44 - 00001023 _____ C:\Windows\wiso.ini
2016-03-26 13:17 - 2014-10-19 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-26 13:17 - 2014-10-19 16:32 - 00000000 ____D C:\Program Files (x86)\Java
2016-03-26 13:16 - 2015-09-06 18:43 - 00000000 ____D C:\Users\Anja Könemann-Meyer\.oracle_jre_usage
2016-03-26 13:15 - 2014-10-19 16:33 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-03-26 13:01 - 2016-02-13 20:35 - 00000000 ___HD C:\$WINDOWS.~BT
2016-03-26 11:05 - 2007-07-12 03:49 - 00000000 ____D C:\Windows\Panther
2016-03-24 18:32 - 2012-01-11 21:44 - 00000000 ____D C:\Users\Anja Könemann-Meyer\AppData\Local\Buhl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-03-11 08:32 - 2015-07-25 09:21 - 0000093 _____ () C:\Users\Anja Könemann-Meyer\AppData\Roaming\ARCompanion.log
2011-06-25 22:26 - 2011-07-06 20:36 - 0001298 _____ () C:\Users\Anja Könemann-Meyer\AppData\Roaming\WebThread.log
2011-07-23 21:10 - 2015-07-24 16:59 - 0028672 _____ () C:\Users\Anja Könemann-Meyer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-06-25 22:31 - 2011-06-25 22:31 - 0000040 ___SH () C:\ProgramData\.zreglib
2011-04-10 02:31 - 2011-04-10 02:34 - 0016642 _____ () C:\ProgramData\ArcadeDeluxe5.log
2016-04-22 20:05 - 2016-04-22 20:05 - 0000000 ____H () C:\ProgramData\cm-lock
2010-12-10 21:09 - 2010-03-03 01:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Public\dcmsvcsetup.exe


Einige Dateien in TEMP:
====================
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\ARCompanionForSession1.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\avgnt.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbe2und.dll
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\i4jdel0.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\proxy_vole1981420142849376026.dll
C:\Users\Anja Könemann-Meyer\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-22 17:45

==================== Ende von FRST.txt ============================
         


und hier die Addition.txt
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-04-2016
durchgeführt von Anja Könemann-Meyer (2016-04-23 13:30:18)
Gestartet von C:\Users\Anja Könemann-Meyer\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-06-25 16:27:55)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1580922863-27489201-3224137613-500 - Administrator - Disabled)
Anja Könemann-Meyer (S-1-5-21-1580922863-27489201-3224137613-1001 - Administrator - Enabled) => C:\Users\Anja Könemann-Meyer
Gast (S-1-5-21-1580922863-27489201-3224137613-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1580922863-27489201-3224137613-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.100 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1216 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1216 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3000 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.1206.2010 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.5.0 - SlySoft)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{E69F8CE0-7EA0-63A9-5A5B-D8FD9BDCC219}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
Backup Manager V3 (x32 Version: 3.0.0.100 - NTI Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version:  - )
Canon MP Navigator EX 4.1 (HKLM-x32\...\MP Navigator EX 4.1) (Version:  - )
Canon MX410 series Benutzerregistrierung (HKLM-x32\...\Canon MX410 series Benutzerregistrierung) (Version:  - )
Canon MX410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
ccc-core-static (x32 Version: 2010.1028.1114.18274 - Ihr Firmenname) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2631 - CDBurnerXP)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1223.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1223.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.7209 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3008 - Acer Incorporated)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
dcmsvc 1.0 (HKLM-x32\...\dcmsvc_is1) (Version:  - )
DDBAC (HKLM-x32\...\{8E1246B9-9F66-4303-BF11-212EC2672BBE}) (Version: 5.3.13 - DataDesign)
Dropbox (HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Flixster Video (HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\44adf2ca8644bf21) (Version: 2.6.1.520 - Flixster Video)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Freemake Video Converter Version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 7.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.2.0 - )
Launch Manager (HKLM-x32\...\LManager) (Version: 5.0.3 - Acer Inc.)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MediaEspresso (x32 Version: 1.0.1210_33255 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 45.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyDriveConnect 4.0.7.2442 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom)
MyWinLocker (Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.11 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8939 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.8939 - NTI Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6254 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30123 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shredder (Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Spotify (HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.0 - Synaptics Incorporated)
tiptoi® Manager 3.0.9 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.0.9 - Ravensburger AG)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.0.82.0 - Intel)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Web Companion (HKLM-x32\...\{4c71ec19-4e75-4091-847b-27b9e2344c32}) (Version: 2.3.1410.2697 - Lavasoft)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3007 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WISO steuer:Sparbuch 2016 (HKLM-x32\...\{15BDB724-27E9-45E7-AB81-3CE8FEA55DC8}) (Version: 23.00.1146 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2015 (HKLM-x32\...\{6BC63926-A57A-435E-8313-FFC56EE1397C}) (Version: 22.00.8811 - Buhl Data Service GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1580922863-27489201-3224137613-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1580922863-27489201-3224137613-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1580922863-27489201-3224137613-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1580922863-27489201-3224137613-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1580922863-27489201-3224137613-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1CA6B6B3-0C8D-4A70-97FE-D50349BB422B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1580922863-27489201-3224137613-1001UA => C:\Users\Anja Könemann-Meyer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {2F8998CF-EA88-404E-B8A4-61D4EA340DA8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {6BCCFA82-0011-4184-BA92-61F1EA0A27BD} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2010-12-23] (CyberLink)
Task: {6C26B7EF-1629-4198-8E9B-F9FD9B2D3BF6} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {A161B4DF-AAC1-4756-ADB4-AF9290142CE4} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1580922863-27489201-3224137613-1001Core => C:\Users\Anja Könemann-Meyer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {B836AFC1-C256-4A34-9D0C-154C35035464} - System32\Tasks\{2C4700D6-4465-4DD0-AD1A-07B516A1DD9B} => Firefox.exe hxxp://ui.skype.com/ui/0/4.1.0.179.367/de/abandoninstall?source=lightinstaller&amp;page=tsOptions&amp;installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded
Task: {B912FFA5-FD27-4B21-A10E-FDF0814359DD} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2010-12-23] (CyberLink Corp.)
Task: {D5A6150C-F8C5-4CF2-8C90-79F2398A6A5D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {DA674130-A242-4AEC-9E98-4EB3B9110833} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-09] (Adobe Systems Incorporated)
Task: {DD63681E-B883-46A9-8389-8BB06FCFB109} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2010-12-23] (Acer Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1580922863-27489201-3224137613-1001Core.job => C:\Users\Anja Könemann-Meyer\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1580922863-27489201-3224137613-1001UA.job => C:\Users\Anja Könemann-Meyer\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Anja Könemann-Meyer\Desktop\Acer-Programme\Acer Zubehör Shop.lnk -> C:\Program Files\Acer Accessory Store\StartURL.exe () -> hxxp://store.acer-euro.com/de?utm_source=Icon&utm_medium=Icon&utm_campaign=Acer%2BInternal

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-11-23 21:56 - 2015-12-23 17:31 - 00073216 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2012-01-05 15:22 - 2012-01-05 15:22 - 00465344 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-01-05 15:22 - 2012-01-05 15:22 - 01081368 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-01-05 15:22 - 2012-01-05 15:22 - 00125464 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2010-12-23 14:46 - 2010-12-23 14:46 - 00210312 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2016-02-12 20:12 - 2016-02-12 20:12 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\517f6ac3a3d9fbdb4380859f99108c77\IsdiInterop.ni.dll
2010-12-10 21:00 - 2010-09-14 04:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7668 mehr Seiten.

IE trusted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\olb.de -> hxxps://www.olb.de
IE trusted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1580922863-27489201-3224137613-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7688 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2014-06-02 22:01 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1580922863-27489201-3224137613-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Anja Könemann-Meyer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupreg: AnyDVD => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ArcadeMovieService => "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: dcmsvc => C:\Program Files (x86)\dcmsvc\dcmsvc.exe
MSCONFIG\startupreg: EgisTecPMMUpdate => "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
MSCONFIG\startupreg: EgisUpdate => "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesHelper => C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
MSCONFIG\startupreg: KiesPDLR => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SuiteTray => "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{A165E41E-F7FA-4CE2-9AFB-EB4621E21CB1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe
FirewallRules: [{3222B8AC-C31E-45FE-9C43-541675C2A2C0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
FirewallRules: [{9626BAF0-1FA5-427A-A5C6-74C212C11106}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{46549643-5BF4-49B3-946A-5A5241B0925C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
FirewallRules: [{A72C855D-F1B4-4B78-A2B6-C0958C990A30}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
FirewallRules: [{B188C7B6-8C65-44C9-8D47-C64205035063}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
FirewallRules: [{D087F000-0464-44E5-9B35-ADD0A5EB45C9}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{CEA14A39-C4D2-413A-9516-558395B825E5}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{CD953CF2-724E-418B-A627-3F243EC6FF7A}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{F46F201B-08BC-4EB8-A13E-DA22AB132953}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{EFE816C5-EB58-4EBB-8C8E-F50D9DB7C0E2}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{5F0F17AA-7AF5-40EC-AA23-D41FA3B1DE19}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{5D5AE86D-2C25-4DFA-9F31-E3E7573AFF37}] => (Allow) C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7F4C9309-93C7-46B7-9FB9-008CFCCE24FF}] => (Allow) C:\Users\Anja Könemann-Meyer\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{FBB03CDC-9D58-4767-8571-85B934FCFDA7}C:\users\anja könemann-meyer\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\anja könemann-meyer\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{4F1F952B-EB70-4149-B894-2165D90C737E}C:\users\anja könemann-meyer\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\anja könemann-meyer\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{F55D983C-44E7-43F6-9DD5-2778E5225425}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{62975EC7-343F-464E-802E-8555FF84E329}] => (Allow) LPort=2869
FirewallRules: [{A88B5061-51ED-46CF-AF8E-B86CBC7878E0}] => (Allow) LPort=1900
FirewallRules: [{D5883ADB-FF37-45A1-B335-0335AD407F5A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{24A294D6-0B71-4AE3-9A65-1B49B6110FAC}C:\users\anja könemann-meyer\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\anja könemann-meyer\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{0CE229F7-F6E1-429C-B5FD-C8EF7D85F9CC}C:\users\anja könemann-meyer\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\anja könemann-meyer\appdata\roaming\spotify\spotify.exe
FirewallRules: [{484D613C-65CC-4138-831C-A57D4E103F90}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{68621B12-D3A6-4533-953E-3E643A07D2CC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4359A621-DE18-4175-BDC4-3DED32464AFE}C:\program files (x86)\flixster\flixster.exe] => (Allow) C:\program files (x86)\flixster\flixster.exe
FirewallRules: [UDP Query User{AD6FED63-8D4C-4C58-9E74-AC5142C87870}C:\program files (x86)\flixster\flixster.exe] => (Allow) C:\program files (x86)\flixster\flixster.exe
FirewallRules: [TCP Query User{A1B455D0-412A-466A-8FB5-0EAD40875204}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{BAF34F66-9BA7-45CB-9097-1E78E2F096FE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{824B43AE-C16D-41CD-BB98-95EBF23A7287}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [UDP Query User{F8DF44DA-D7A5-4CFA-ADE3-934C8CCC93D9}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [TCP Query User{7760DC40-13A8-41A9-A1D1-B28D9E5B76C0}C:\users\anja könemann-meyer\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe] => (Allow) C:\users\anja könemann-meyer\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe
FirewallRules: [UDP Query User{46ED3C86-9C71-4375-941F-57B004728213}C:\users\anja könemann-meyer\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe] => (Allow) C:\users\anja könemann-meyer\appdata\local\temp\fritz!wlanrepeater310\fsetup.exe
FirewallRules: [TCP Query User{9D15693C-01E1-494E-A3BA-AD70A55B2D5F}C:\program files (x86)\flixster\flixster.exe] => (Allow) C:\program files (x86)\flixster\flixster.exe
FirewallRules: [UDP Query User{AD93A342-07D8-4461-9AC4-6C08E1E7F3A7}C:\program files (x86)\flixster\flixster.exe] => (Allow) C:\program files (x86)\flixster\flixster.exe
FirewallRules: [{C5374B3D-DA36-4443-A327-F71D903C7F69}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{45670796-91CF-4AC9-93BE-950D8A6C8F2B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8B7AA4F7-AAA2-4DF5-923C-49F86E856093}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1D658620-567C-4D63-8DE1-AAD826E41AEC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E0BC69A4-9905-4FFD-85B6-1DA21BF6B81A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FE85EA94-E2A8-43C2-957B-04D6EB1B11D6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{68510114-640A-4DF6-83EB-2D397B1210A0}] => (Allow) C:\Program Files\iTunes\iTunes.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Disabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFWSvc.exe] => Enabled:Spybot-S&D 2 Firewall service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDMonSvc.exe] => Enabled:Spybot-S&D 2 On-Access monitor service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSODSvc.exe] => Enabled:Spybot-S&D 2 Scan On Demand service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

01-04-2016 22:26:55 Entfernt WISO Steuer-Sparbuch 2013
01-04-2016 22:31:52 Entfernt WISO Steuer-Sparbuch 2014
09-04-2016 18:55:27 Windows Update
20-04-2016 07:46:40 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/23/2016 01:29:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 18.4.2016.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ff8

Startzeit: 01d19d529673c792

Endzeit: 0

Anwendungspfad: C:\Users\Anja Könemann-Meyer\Desktop\FRST64.exe

Berichts-ID: 30aed756-0946-11e6-a380-560f6e94b4e2

Error: (04/23/2016 09:29:03 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (04/22/2016 08:13:02 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (04/22/2016 08:12:57 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (04/22/2016 08:12:57 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (04/22/2016 08:11:46 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (04/18/2016 04:22:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2090

Error: (04/18/2016 04:22:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2090

Error: (04/18/2016 04:22:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/18/2016 04:22:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1092


Systemfehler:
=============
Error: (04/22/2016 11:19:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (04/22/2016 11:19:33 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\ANJAKN~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (04/22/2016 11:19:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (04/22/2016 11:19:32 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\ANJAKN~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (04/22/2016 11:19:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (04/22/2016 11:19:32 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\ANJAKN~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (04/22/2016 11:19:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (04/22/2016 11:19:32 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\ANJAKN~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (04/22/2016 11:19:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (04/22/2016 11:19:31 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\ANJAKN~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.


CodeIntegrity:
===================================
  Date: 2015-07-18 16:26:54.625
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-18 16:26:54.515
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-18 16:21:33.076
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-18 16:21:32.980
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-18 16:21:16.813
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-18 16:21:16.718
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-18 16:21:00.083
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-18 16:20:59.988
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-18 16:20:07.642
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-18 16:20:07.536
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 38%
Installierter physikalischer RAM: 6125.86 MB
Verfügbarer physikalischer RAM: 3758.73 MB
Summe virtueller Speicher: 12249.93 MB
Verfügbarer virtueller Speicher: 10093.87 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:683.54 GB) (Free:114.17 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 4D7F0FA2)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=683.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         


Ansonsten habe ich mit dem Rechner nicht gearbeitet. Insofern ist mir nix aufgefallen.

Alt 23.04.2016, 13:33   #12
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt - Standard

WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt



Zitat:
Zitat von A-und-T Beitrag anzeigen
Ich wollte das Microsoft inkludierte Antivirenprogramm updaten und einen vollständigen Kontrollauf starten, jedoch war das Update nicht möglich. Nach gut einem Viertel des Downloads zeigte der Fortschrittsanzeiger minutenlang keine Veränderungen mehr.
Meinst Du damit den Windows Defender?

Zitat:
Microsoft Security Essentials (Enabled - Up to date)
Das hier ist entscheidend...
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 23.04.2016, 13:39   #13
A-und-T
 
WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt - Standard

WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt



Moin.

Ja ich habe die Essentials Securities.

Das Programm zeigt wieder "grün" an "PC Status: geschützt". Update der Virensignatur von 14.28 Uhr am heutigen Tage (muss ihm Hintergrund erfolgt sein).

Einen Scan des gesamten Systems habe ich mit dem Programm seit dem Problem am gestrigen Tage nicht durchgeführt.

Gruß

Thomas

Alt 23.04.2016, 14:05   #14
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt - Standard

WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt



Die veraltete Javaversion deinstallieren und bei Bedarf mit der aktuellen ersetzen.



Wir haben es geschafft!
Die Logs sehen für mich im Moment sauber aus.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.
Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen.




Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.



Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken (z.B. hier) in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.

Meine Kauf-Empfehlung:



Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware scannen.

Optional:
NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 23.04.2016, 14:22   #15
A-und-T
 
WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt - Standard

WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt



Moin Jürgen,

vielen Dank für deine Unterstützung. Der Hausfrieden (und PC) sind wieder hergestellt.
Java ist gelöscht und einen vollständigen Scan mit den Microsoft Essentials führe ich gleich durch.

Eine Spende habe ich euch über Paypal bereits zukommen lassen.

Herzliche Grüße

Thomas

Antwort

Themen zu WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt
absender, anhang, anlage, antivirenprogramm, dateien, daten, device driver, dnsapi.dll, erhalte, launch, lavasofttcpservice64.dll, mail, meldungen, microsoft, minute, papierkorb, programm, scan, seite, signaturen, starten, task-manager, tool, unterstützung, update, updaten, virenscan, virensignaturen, win, windows



Ähnliche Themen: WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt


  1. E-Mail angeblich von Büromarkt Böttcher mit "leerer"-Word-Datei, leider von mir geöffnet
    Plagegeister aller Art und deren Bekämpfung - 08.03.2016 (17)
  2. Zip-Datei im Mail Anhang im Windows 10 PC, erzeugt "vvv"Datei Endungen
    Log-Analyse und Auswertung - 08.12.2015 (5)
  3. Phishing Mail unter Android angeklickt und ZIP-Datei geöffnet / XPERIA Z1
    Smartphone, Tablet & Handy Security - 03.06.2015 (1)
  4. DHL Phishing Mail - Link angeklickt - ZIP-Datei NICHT geöffnet / gelöscht
    Plagegeister aller Art und deren Bekämpfung - 11.05.2015 (8)
  5. Zip Anhang von eBay Mahnung angeklickt - Virus?
    Plagegeister aller Art und deren Bekämpfung - 27.06.2014 (1)
  6. Ebay Mahnung Mail Anhang geöffnet
    Log-Analyse und Auswertung - 27.06.2014 (9)
  7. Ebay Mail mit Mahnung von Anwaltskanzlei - Anhang geöffnet :(
    Plagegeister aller Art und deren Bekämpfung - 27.06.2014 (39)
  8. Windows 7: Auf Festplattenpartition für Daten befindet sich ein Ordner "SoftwareUpdater" mit einer Datei "SoftwareUpdater.Bootstrapper"
    Plagegeister aller Art und deren Bekämpfung - 10.02.2014 (13)
  9. Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut
    Plagegeister aller Art und deren Bekämpfung - 12.12.2013 (5)
  10. Windows7 X64: Antivir Fund: "TR/Spy.ZBot.aaop" Meldung: Zugriff auf Datei wurde blockiert. Datei war in E-Mail- Anhang.
    Log-Analyse und Auswertung - 28.11.2013 (9)
  11. Trojaner-Verdacht in E-Mail Anhang "Vertragliche Mahnung vom 13.05.2013 inkasso.com"
    Log-Analyse und Auswertung - 13.09.2013 (8)
  12. E-mail Mahnung die .zip Datei mit MS-Dos anwendung enthält (leider geöffnet)
    Log-Analyse und Auswertung - 21.08.2013 (9)
  13. Zip-Datei im E-Mail-Anhang von "Bestellung bei Amazon Buyvip" geöffnet
    Log-Analyse und Auswertung - 05.04.2013 (9)
  14. Mcafee findet Artemis!4B3812C4890C ( Trojaner ) in einer E-mail Anlage
    Plagegeister aller Art und deren Bekämpfung - 29.10.2011 (6)
  15. Mcafee findet Artemis!4B3812C4890C in einer E-mail Anlage
    Mülltonne - 26.10.2011 (1)
  16. Versteckte Datei "kdzqj.exe" in System32 und Reg-Eintrag "System" unter Winlogon
    Plagegeister aller Art und deren Bekämpfung - 25.03.2008 (22)
  17. Trojaner als Anhang einer "Ebay"-Rechnung
    Plagegeister aller Art und deren Bekämpfung - 01.07.2006 (4)

Zum Thema WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt - Moin Moin, meine Frau hat an ihren web.de Mailaccount eine Ebay-Mahnung erhalten von Sachbearbeiter@ebay.de (Wenn man über den Absender fährt, steht dann dort als Absender amazon.de?!). Da in der Mail - WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt...
Archiv
Du betrachtest: WIN 7: ZIP-Datei als Anlage zu einer Mail "EBAY-Mahnung" unter web.de-Adresse geöffnet / angeklickt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.